Concurrent  Engineering  Series 


lyn— A278  405 


ntquiiimnt  i 


Piototyp# 


11  \ 


ApptvvoJ  t'7:  r-’”  h**"-  "  v- f-A; 


Reliability  Analysis  Center 

m 

#  m 

A  DoD  Information  Analysis  Center 

1 

j 

Ordering  No.:  CRTA-CE 


Introduction  to 
Concurrent  Engineering: 
Electronic  Circuit  Design  and 
Production  Applications 

1992 


Prepared  by: 

Reliability  Analysis  Center 
PO  Box  4700 
Rome,  NY  13440-8200 


Under  contract  to: 

Rome  Laboratory 
GriffissAFB,NY  13441-5700 


Approved  for  Public  Release.  Distributicn  Unlimited 


The  information  and  data  contained  herein  have  been  compiled  from  government 
and  nongovernment  technical  reports  and  from  material  supplied  by  various 
manufacturers  and  are  intended  to  be  used  for  reference  purposes.  Neither  the 
United  States  Government  nor  IIT  Research  Institute  warrant  the  accuracy  of  this 
information  and  data.  The  user  is  further  cautioned  that  the  data  contained  herein 
may  not  be  used  in  lieu  of  other  contractually  cited  references  and  specifications. 

Publication  of  this  information  is  not  an  expression  of  the  opinion  of  the  United 
States  Government  or  of  IIT  Research  Institute  as  to  the  quality  or  durability  of  any 
product  mentioned  herein  and  any  use  for  advertising  or  promotional  purposes  of 
this  information  in  conjunction  with  the  name  of  the  United  States  Government  or 
nr  Research  Institute  without  written  permission  is  expressly  prohibited. 


ii 


The  Reliability  Analysis  Center  (RAC)  is  a  Department  of  Defense  Information 
Analysis  Center  sponsored  by  the  Defense  Technical  Information  Center,  managed 
by  the  Rome  Laboratory  (formerly  RADC),  and  operated  by  HT  Research  Institute 
(IITRI).  RAC  is  chartered  to  collect,  analyze  and  disseminate  reliability  information 
pertaining  to  systems  and  parts  used  therein.  The  present  scope  includes  integrated 
circuits,  hybrids,  discrete  semiconductors,  microwave  devices,  optoelectronics  and 
nonelectronic  parts  employed  in  military,  space,  industrial  and  commercial 
applications.  The  scope  of  the  reliability  activities  include  the  related  disciplines  of 
Maintainability,  Testability,  Statistical  Process  Control,  Electrostatic  Discharge,  and 
Total  Quality  Management. 

The  data  contained  in  the  RAC  databases  are  collected  on  a  continuous  basis  from  a 
broad  range  of  sources,  including  testing  laboratories,  device  and  equipment 
manufacturers,  government  laboratories  and  equipment  users  (government  and 
industry).  Automatic  distribution  lists,  voluntary  data  submittals  and  field  failure 
reporting  systems  supplement  an  intensive  data  solicitation  program.  Users  of  RAC 
data  are  encouraged  to  submit  reliability  data  to  RAC  to  enhance  these  data 
collection  efforts. 

Reliability  data  and  analysis  documents  covering  most  of  the  device  types 
mentioned  above  are  available  from  the  RAC.  Also,  RAC  provides  reliability 
consulting,  training,  technical  and  bibliographic  inquiry  services  which  are  noted  at 
the  end  of  this  document. 


REQUEST  FOR  TECHNICAL  ALL  OTHER  REQUESTS 

ASSISTANCE  AND  INFORMATION  SHOULD  BE  DIRECTED  Ta 

ON  AVAILABLE  RAC  SERVICES  AND 
PUBUCATIONS  MAY  BE  DIRECTED  Ta 


Reliability  Analysis  Center 
201  Mill  Street 
Rome,  NY  13440 


Rome  Laboratory 
ERSS/Duane  A.  Gilmour 
Griffiss  AFB,  NY  13441-5700 


TQM  Inquiries:  (800)  526-4804 

Non-Technical  Inquiries:  (315)  330-4151 
(315)  337-0900 

Technical  Inquiries:  (315)  337-9933 

TeleFax:  (315)  337-9932 


Telephone:  (315)  330-2660 
Autovon:  587-2660 


Aocetsio"  Fiir 

"sTli  .Hi.:,  I 

0^  1 

ill’' 

□  1 

□  i 

t,  li  1  u  .'.t  j  t:,-; _ 

_ 1 

©  1992,  nr  Research  Institute 
All  Rights  Reserved 


I  _ _ _ 

!  ^  b.v 

I  ^  i  ^ ^  1 ' 

I  ?.v 

r'i  , 


iii 


Form  Approved 


REPORT  DOCUMENTATION  PAGE 

OMB  No.  0704-0188  _ _ _ _ _ _ _ 

TC5ncwp!wUnpw3eir?5MK^ont55i^ru3orBSnoirir55nS5crto  avtnge  1  hcmr  per  wpOMe,  tn3u3InpC^n»^  reviewing  iMtiuc>ion%  ttarrliiin,  exiiting  d«u  tourcM,,  gtthgiag  and 
mainUining  th«  data  needed,  and  completing  and  revie%vlng  the  coUectloa  of  Information.  Send  commenta  regarding  thle  burden  catlmatc  or  any  other  aepect  of  thle  collection  of  Informatloi^ 
Including  suggeetlona  for  reducing  thle  burdeit,  to  Waehln^m  Headquarten  Sendoea.  Dlreuoruc  for  Informatlofi  Operatkma  and  Bepoita^  1215  )effcmon  David  Hl^way.  Suite  I20i  Arliagtoa, 

vA^2222^i^i2£i£iJj*£22^[,il*j2fiS!I2iii£SiifiSL«£2S2l2d^Sil£22!^2i£i22i£12£— lSS£SfiSJ*^£221i«i— 

I.  AGENCY  USE  ONLY  (Ltfow  B/anW  2  REPORT  DATE  1 3u  REPOT'T  TYPE  AND  DATES  COVERED 

_ _ September  1992 _ 

4  TITLE  AND  SUBTITLE  5.  FUNDING  NUMBERS 

Introduction  to  Concurrent  Engineering;  Electronic  Circuit  Design  and  6528 

Production  Applications 

6.  AUTHOR^S) 

_ Norman  B.  Fuqua 

7.  PERFORMING  ORGANIZATION  NAME(S)  AND  ADDRESS(ES)  &  PERFORMING  ORGANIZATION 

REPORT  NUMBER 

Reliability  Analysis  Center 

P.O.  Box  4700  CRTA-CE 

Rome,  NY  13440-8200 _ _ 

9.  SPONSORING/MONITORING  AGENCY  NAME(S)  AND  ADDRESSES)  10.  SPONSORING/MONITORING 

AGENCY  REPORT  NUMBER 

IDefense  Technical  Information  Center  (DTIC-AI) 

Cameron  Station  F30602-91-C-0002 

Alexandria,  VA  22314-6145 _ _ 

II.  SUPPLEMENTARY  NOTES 

Hard  copies  available  from  the  Reliability  Analysis  Center,  201  Mill  Street,  Rome,  NY  13440-6916. 

(Price:  $75.00  U.S.,  $85.00  Non-U.S.). 

12a.  DISTRIBUTION/AVAILABILITY  STATEMENT  12b.  DISTRIBUTION  CODE 

Approved  for  public  release;  distribution  unlimited.  Unclassified 

13.  ABSTRACT  (Maximum  200  words) 

This  document  presents  an  overview  of  Concurrent  Engineering  (CE),  i.e.,  the  use  of  Multi-discipline  Design  Teams 
to  perform  the  simultaneous  design  of  the  product  and  the  process  to  produce  the  product.  The  intent  is  to  encourage 
product  developers,  from  the  outset,  to  consider  all  elements  of  the  product  life  cycle  from  conception  through  disposal, 
including  quality,  cost,  schedule  and  the  user  requirements.  The  document  also  explores  a  number  of  specific  tools  which 
may  be  us^  to  assist  the  reader  in  the  implementation  of  CE. 

14  SUBJECT  TERMS  15.  NUMBER  OF  PAGES 

Concurrent  Engineering  Multi-Discipline  Design  Teams  120 

Product  Life  Cycle  Robust  Design 

Automated  Design  Tools  Design,  Development,  Production 

16.  PRICEaXTE 

17.  SECURITY  CLASSmCATION  18.  SECi;RnVCLASSIHCAT:ON  19.  SECURITY  CLASSIHCATION  2a  LIMITATION  OF  ABSTRACT 


NSN  7540-01 -280-55(X) 


Standard  Form  298  (Rev.  2-89) 

PrcKiIbed  by  ANSI  Std.  Z349-18 
298-102 


FOREWORD 


Concurrent  Engineering  (CE)  utilizes  Multi-discipline  Design  Teams  to  perform 
the  simultaneous  design  of  the  product  and  all  of  the  life-cycle  processes  associated 
with  the  product  that  are  required  to  meet  the  user's  needs.  CE  begins  with  a 
complete  identification  of  these  user  needs,  some  of  which  may  be  conflicting  in 
nature,  and  then  seeks  to  optimize  the  design  of  both  the  product  and  the  process 
over  this  entire  spectrum  of  needs  to  assure  maximum  customer  satisfaction. 
Organizations,  which  fail  to  take  advantage  of  CE's  benefits  and  fail  to  utilize  CE  in 
their  design  process,  may  eventually  cease  to  be  competitive  in  the  world 
marketplace. 

CE,  which  emphasizes  Multi-parameter  Optimization  of  the  design,  is  still  an 
emerging  concept  which  means  that  not  all  facets  of  the  technology  are  firmly  in 
place.  The  automated  tools,  used  as  one  means  of  implementing  CE,  are  incomplete 
or  non-existent  in  some  areas,  and  highly  fragmented  in  others.  However,  they 
will  continue  to  be  improved,  integrated,  and  made  accessible  to  multi-user 
engineering  workstations.  This  trend  will  continue  to  enhance  the  synergistic 
relationship  between  the  various  technical  disciplines. 

The  demonstrated  effectiveness  of  a  CE  design  approach  in  reducing 
development  time  and  development  cost  while  at  the  same  time  enhancing 
customer  satisfaction  for  commercial  products  has  made  this  approach  prudent  for 
Department  of  Defense  (DoD)  also.  MIL-STD-499B  "Systems  Engineering"  (when 
approved)  will  implement  the  technical  essence  of  Concurrent  Engineering  in  new 
DoD  procurement  contracts  by  requiring:  a)  the  simultaneous  development  of 
system  products  and  life-cycle  processes  to  satisfy  user  needs,  b)  the  utilization  of 
multidisciplinary  teams,  and  c)  a  systems  engineering  methodology.  Separate  DoD 
procurement  requirements  (CALS)  also  obligate  the  contractor  to  consider  some 
form  of  automated  interchange  of  technical  information  in  lieu  of  paper 
deliverables.  Combined  together,  these  factors  will  have  significant  contractual 
impact  upon  Reliability,  Maintainability,  Safety  and  Logistics  requirements. 


V 


TABLE  OF  CONTENTS 


Page 

SECTION  1;  THE  NEED  FOR  CONCURRENT  ENGINEERING 

1.0  THE  NEED  FOR  CONCURRENT  ENGINEERING .  1 

1.1  The  Problem  -  Loss  of  Markets  and  Loss  of  Competitiveness .  1 

1.2  The  Solution:  Concurrent  Engineering .  1 

1.2.1  The  Essence  of  Concurrent  Engineering .  2 

1.2.2  The  Process:  Translation  of  the  Requirements  Into 

The  Product .  3 

1.2.3  The  Philosophy:  Continuous  and  Aggressive  Design 

Improvement . 4 

1.3  Some  Common  Misconceptions  Regarding  CE .  4 

1.4  The  Benefits  of  Concurrent  Engineering .  5 

1.5  Management  Challenges  of  Concurrent  Engineering .  7 

1.6  The  Multi-Discipline  Team  Concept .  7 

1.7  The  Need  for  Concurrent  Engineering  References .  8 

SECTION  2:  ROBUST  aRCUTT  DESIGN 

2.0  ROBUST  CIRCUIT  DESIGN .  13 

2.1  Robust  Circuit  Design  Parts  Database .  15 

2.2  Environmental  Considerations .  16 

2.3  Robust  Circuit  Analysis .  16 

2.3.1  Extreme  Value  Analysis  (EVA)  or  Absolute  Worst  Case .  17 

2.3.2  Root-Sum-Squared .  17 

2.3.3  Monte  Carlo  Simulation .  18 

2.3.4  Application  of  the  Various  Methods .  19 

2.4  Taguchi  Methods  and  Design  of  Experiments .  19 

2.5  Robust  Circuit  Design  References .  22 

SECTION  3;  REUABILITY  AND  MAINTAINABILITY  CONSIDERATIONS 

3.0  RELIABILITY  AND  MAINTAINABILITY  CONSIDERATIONS .  27 

3.1  Reliability  Program .  27 

3.1.1  Reliability  Modeling  and  Prediction .  31 

3.1.1.1  Reliability  Modeling  Methods .  33 

3.1.1.2  Reliability  Prediction  Methods .  34 

3.1. 1.3  Tcdloring  Reliability  Models  and  Predictions .  35 

3.1.2  Part  Derating .  36 

3.1.3  Failure  Mode,  Effects  and  Criticality  Analysis .  38 

3.1.4  Fault  Tree  Analysis .  40 

3.1. 4.1  Fault  Tree  Construction .  41 

3.1. 4.2  Qualitative  Evaluations  -  Cut  Sets .  42 

3.1. 4.3  Qualitative  Importances .  44 


TABLE  OF  CONTENTS  (Cont'd) 

Pay 

3.0  REUABILITY  AND  MAINTAINABILITY  CONSIDERATIONS  (Cont'd) 

3.1. 4.4  Conunon  Cause  Susceptibilities .  44 

3.1.4.5  Quantitative  Evaluations .  44 

3.1. 4.6  Additional  Reference  Source .  46 

3.1.5  Sneak  Circuit  Analysis .  46 

3.1. 5.1  Topological  Pattern  Identification .  47 

3. 1.5.2  Clue  Application .  47 

3.1. 5.3  Recent  ^A  Developments .  47 

3.1.6  Finite  Element  Analysis .  49 

3.1.6.1  Fatigue  Life  Prediction .  50 

3.1. 6.2  Creep  and  Stress  Relaxation .  51 

3.1.7  Failure  Reporting  Analysis  and  Corrective  Action  Systems .  51 

3.1. 7.1  DoD  FRACAS  Requirements .  54 

3.1. 7.2  FRACAS  In  Industry  Applications .  55 

3.2  Maintainability  Program .  55 

3.2.1  Maintainability  Prediction .  55 

3.3  Reliability  and  Maintainability  References .  58 

3.3.1  DoD  Specifications,  Standards,  and  Handbooks .  58 

3.3.2  Other  Source  Documents .  59 

3.3.3  References .  60 

SECTION  4:  PRODUCTION  CONSIDERATIONS 

4.0  PRODUCTION  CONSIDERATIONS .  63 

4.1  Producibility  Engineering .  63 

4.1.1  Specific  Characteristics  of  the  Design .  63 

4.1.2  Characteristics  of  Production  Planning .  65 

4.2  Electrical  Producibility  Considerations .  66 

4.3  Environmental  Stress  Screening .  67 

4.3.1  The  MIL-STD-2164  Approach  to  ESS .  68 

4.3.2  The  DOD-HDBK-344  Approach  to  ESS .  69 

4.3.3  Institute  of  Environmental  Sciences .  70 

4.4  Producibility  References .  70 

SECnONS:  TESTABILITY  CONSIDERATIONS 

5.0  TESTABILITY  CONSIDERATIONS .  75 

5.1  Design  for  Testability  Objectives  and  Requirements .  75 

5.2  Testability  Program  Monitoring  and  Control .  76 

5.3  Testability  Design  and  Analysis .  77 

5.4  Tailoring  a  Testability  Program .  78 

5.5  ANSI/IEEE  Standard  1149.1 .  79 

5.6  Testability  References .  80 


viii 


TABLE  OF  CONTENTS  (Cont’d) 


Page 

SECTION  6:  COMPLEMENTARY  EFFORTS  AND  ACTIVITIES 

6.0  COMPLEMENTARY  EFFORTS  AND  ACnVITIES. .  83 

6.1  Computer-Aided  Acquisition  and  Logistics  (CALS) .  83 

6.2  MIL-HDBK-59  Requirements .  83 

6.3  MIL-STD-1840  Requirements .  85 

6.4  Some  Other  DoD  and/or  Industry  CE  Initiatives .  86 

6.4.1  DICE .  86 

6.4.2  CAD  Framework  Initiatives .  86 

,  6.4.3  RAMCAD .  87 

6.5  Complementary  Efforts  and  Activities  References .  87 

SECTION  7:  CURRENTLY  AVAILABLE  AUTOMATED  TOOLS 

/.O  REPRESENTATIVE  SAMPLE  OF  AVAILABLE  AUTOMATED  TOOLS .  91 

7.1  Electrical  and  Electronic  Design  Analysis  Tools .  92 

7.1.1  Schematic  Caphire  Packages .  92 

7.1.2  Analog  Circuit  and  Digital  Logic  Simulation  and 

Analysis  Tools .  93 

7.2  Thermal  Analysis  Tools .  96 

7.3  Electromagnetic  Design  and  Simulation  Tools .  97 

7.4  Reliability  Analysis  ^ftware  Tools .  98 

7.4.1  Detail  Stress  Electronic  Reliability  Prediction .  99 

7.4.1.1  MIL-HDBK-217  Based  Predictions .  100 

7.4.1.2  Non-MIL-HDBK-217  Based  Predictions .  100 

7.4.2  Reliability  Prediction  -  Part  Covmt .  101 

7.4.3  Mechanical  Reliability  Prediction .  102 

7.4.4  Nonoperating  Reliability  Prediction .  103 

7.4.5  Failure  Modes,  Effects  and  Criticality  Analysis  Tools .  103 

7.4.6  Fault  Tree  Analysis  Tools .  104 

7.4.7  MARKOV  Reliability  Modeling  Tools .  105 

7.4.8  Failure  Reporting  Analysis  and  Corrective  Action 

System  Tools .  106 

7.4.9  Automated  Sneak  Circuit  Analysis .  107 

7.5  Maintainability  Analysis  Tools .  107 

7.6  Mathematical /Graphical  Analysis  Tools .  108 

7.7  Testability  Analysis  Tools .  109 

7.8  Finite  Element  Analysis  Tools .  110 

7.9  Automated  Tool  References .  Ill 


ix 


TABLE  OF  CONTENTS  (Cont'd) 


Page 

SECTION  8:  SOME  CHALLENGES  FOR  CE  IN  TODAYS  AUTOMATION 
ENVIRONMENT 

8.0  SOME  CHALLENGES  FOR  CE  IN  TODAYS  AUTOMATION 


ENVIRONMENT .  115 

8.1  Present  Database  Limitations .  115 

8.2  Limitations  of  Today’s  Automated  Tools .  115 

8.3  Challenges  for  CE  References .  116 


APPENDIX  A:  RAC  PRODUCTS 


USTOFnGURES 

HGURE  1:  A  COMPARISON  OF  SEQUENTIAL  AND  CONCURRENT 

ENGINEERING . 

HGURE  2:  RSS  ANALYSIS . 

HGURE  3:  TAGUCHI  LOSS  FUNCTION . 

HGURE  4:  LOSS  FUNCTION  EQUATIONS . 

HGURE  5:  PARAMETER  DESIGN . 

HGURE  6:  SIGNAL-TO-NOISE  RATIOS . 

HGURE  7:  FAULT  TREE  SYMBOLS . 

HGURE  8:  BASIC  TOPOGRAPHS . 

HGURE  9:  CLOSED  LOOP  FAILURE  REPORTING  AND  CORRECTIVE 

ACTION  SYSTEM . 

HGURE  10:  EXAMPLE  CIRCUIT  AND  APPUCABLE  NETUST . 


UST  OF  TABLES 

TABLE  1:  PARTS  TYPES  VS.  PRINCIPLE  SOURCES  OF  VARIATION .... 

TABLE  2:  MIL-STD-785B  APPLICATION  MATRIX . 

TABLE  3:  USES  OF  RELIABILITY  MODELS  AND  PREDICTIONS . 

TABLE  4:  OBJECTIVES  OF  A  FRACAS  PROGRAM . 

TABLE  5:  MIL-STD-470  APPUCATION  MATRIX . 


X 


iSiS 


XI 


SECTION  1 

THE  NEED  FOR  CONCURRENT 
ENGINEERING 


CRTA-CE 


1 


1.0  THE  NEED  FOR  CONCURRENT  ENGINEERING 

Engineering  and  production  organizations  all  over  the  world  are  under 
increasing  pressure  to  become  more  profitable  in  today's  business  environment. 
Defense,  non-defense  and  commercial  industries  are  all  facing  similar  comp)etitive 
pressures. 

1.1  The  Problem:  Loss  of  Markets  and  Loss  of  Competitiveness 

Some  of  the  major  deterrents  to  competitiveness  in  world  markets  today  are:  the 
failure  to  meet  the  user’s  needs,  excessive  cost,  perceived  poor  quality  and  excessive 
time,  required  to  design  and  introduce  a  new  product.  CE  ceeks  to  improve 
customer  satisfaction  by  a  recognition  of  all  of  the  user’s  sometimes  conflicting 
requirements  and  optimizing  the  design  over  the  entire  spectrum  of  user  needs 
including  cost  and  quality. 

The  delays  in  product  introduction  are  due  largely  to  the  serial  nature  of  the 
historic  design  process.  In  this  serial  structure  each  speciality  labors  on  the  design 
alone  until  they  have  completed  their  portion  of  the  effort  and  then  passes  the 
design  on  to  the  next  speciality.  This  further  reinforces  a  "stovepipe  mentality" 
whereby  each  technical  speciality  is  interested  only  in  optimizing  the  design  for 
their  specific  concern. 

With  this  scenario  in  place,  the  individual  contributions  of  each  of  the  various 
"ilities"  (Reliability,  Maintainability,  Testability,  Producibility,  etc.)  to  the  total 
design  effort  is  not  coordinated.  Each  engineer  may  be  an  expert  in  his  field  and 
very  talented  in  his  own  right,  but  until  they  all  work  well  together,  the 
development  process  is  inefficient  and  less  than  ideal. 

Too  frequently  the  perceived  philosophy  is  for  the  product  designers  to  complete 
their  preliminary  design  then  pass  it  on  to  the  next  discipline  when  they  are 
satisfied  with  it  and  move  on  to  something  new.  The  design  process  today  is  much 
too  complex  for  any  one  person  to  totally  accomplish  alone.  Many  years  ago,  a 
single  designer  might  be  expected  to  have  an  intuitive  knowledge  of  all  of  the 
necessary  areas  of  expertise,  but  with  the  higher  levels  of  complexity  of  toda5r's 
products,  human  intuition  is  less  than  effective.  Today,  inputs  from  experts  with 
experience  in  a  variety  of  diverse  disciplines  is  needed  to  assure  a  viable  product 
design. 

1.2  The  Solution:  Concurrent  Engineering 

CONCURRENT  ENGINEERING  IS  A  SYSTEMATIC  APPROACH  TO  THE 
INTEGRATED,  CONCURRENT  DESIGN  OF  PRODUCTS  AND  THEIR  RELATED 
PROCESSES,  INCLUDING  MANUFACTURING  AND  SUPPORT.  THIS 
APPROACH  IS  INTENDED  TO  CAUSE  THE  DEVELOPERS,  FROM  THE  OUTSET, 
TO  CONSIDER  ALL  ELEMENTS  OF  THE  PRODUCT  LIFE  CYCLE  FROM 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-09(X) 


2 


CRTA-CE 


CONCEPTION  THROUGH  DISPOSAL,  INCLUDING  QUALITY,  COST,  SCHEDULE, 
AND  USER  REQUIREMENTS.  [Reference  2]. 

As  shown  in  Figure  1,  this  is  in  marked  contrast  to  the  traditional  design 
approach  which  fragments  product  development  into  a  series  of  isolated 
engineering  specialities,  each  speciality  working  on  the  product  in  a  sequential 
development  manner.  The  intent  of  CE  is  to  cause  product  developers  to  consider 
all  elements  of  the  product  life  cycle  from  conception  through  disposal,  including: 
quality,  cost,  schedule,  and  user  requirements. 


SEQUENTIAL  ENGINEERING 


Requirement 


Product 


Process 

Development 


vs. 


CONCURRENT  ENGINEERING 

Requirement _ 

Product  Development _ 

Process  Development 

Prototype 


Prototype 

Development 


HGURE 1:  A  COMPARISON  OF  SEQUENTIAL 
AND  CONCURRENT  ENGINEERING 


CE  of  a  Product  includes  concurrent  application  of  each  of  the  various 
engineering  specialities  including  the  traditional  electrical  design,  mechanical 
design  and  thermal  design  as  well  as  all  of  the  other  applicable  "ilities":  reliability, 
maintainability,  testability,  producibility,  supportability,  s^ety,  logistics,  etc. 

1.2.1  The  Essence  of  Concurrent  Engineering 

CE  utilizes  Multi-discipline  Design  Teams  to  perform  the  simultaneous  design  of 
the  product,  the  production  process  and  all  of  the  associated  product  support 
processes.  It  emphasizes  multi-parameter  optimization  of  the  design.  CE  recognizes 
that  the  manufacturing  options  are  often  dictated  by  design  choices  that  may  be 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440^916  •  315-337-0900 


CRTA-CE 


3 


arbitrary  in  nature.  It  seeks  to  correct  this  situation  by  mandating  and 
implementing  closer  communication  between  the  product  design  staff  and  the 
process  design  staff.  A  Multi-discipline  Design  Team  approach  accelerates  the 
synergistic  relationships  between  all  of  the  various  functional  disciplines. 

There  are  three  critical  elements  [Reference  2]  related  to  CE  which  should  be 
explored  in  greater  depth;  The  Timing,  The  Process  and  The  Philosophy. 

1.2.2  The  Process:  Translation  of  the  Requirements  Into  the  Product 

The  effective  and  timely  contribution  of  all  responsible  participants  in  the 
design,  manufacturing  and  use  cycle,  together  with  the  objective  identification  and 
evaluation  of  any  necessary  trade-offs  between  potential  conflicting  requirements,  is 
imperative. 

CE  may  sometimes  be  viewed  as  serving  at  least  three  different  customers:  a)  the 
end  user  of  the  product  being  developed,  b)  the  manufacturer  of  the  product,  and  c) 
the  service  organization  that  will  ultimately  support  the  product.  Since  customers 
often  do  not  imderstand  the  subtleties  of  their  needs  and  even  more  frequently  the 
limits  of  technology,  realistic  product  development  becomes  a  problem-solving 
process  among  multiple  customers  and  multiple  functional  experts  working  as  a 
team.  [4] 

A  technique  that  has  been  found  to  be  effective  in  assuring  that  the  customers' 
diverse  requirements  are  adequately  reflected  in  the  design  of  the  product  is  that  of 
Quality  Function  Deployment  (QFD).  "Deployment"  in  this  sense  means  "an 
extension  or  broadening  of  the  quality  activity"  beyond  its  historical  bounds  of 
inspection  and  process  control  into  the  sphere  of  product  development  as  well.  The 
QFD  process  begins  by  considering  the  product  or  service  from  the  customer's 
perspective,  i.e.,  elucidate  what  the  customer  would  like  if  the  product  or  service 
were  ideal.  These  nonparametric  "customer  perceived  quality  characteristics"  are 
then  translated,  by  the  multi-discipline  design  team,  into  "quantifiable  design 
characteristics."  QFD  thus  enables  the  design  team  to  transition  smoothly  from  the 
"world  of  the  customer"  to  "the  world  of  the  engineer."  [5] 

Some  of  the  major  elements  of  this  translation  process  include: 

•  INTEGRATED  PARTICIPATION  -  Continuing  integrated  participation  of 
multi-function  teams  in  the  design  of  the  product,  the  process  and  the 
product's  support  is  essential. 

•  ITERATION  AND  CLOSURE  OF  PRODUCT  AND  PROCESS  DESIGN  - 
The  process  of  integrating  multiple  engineering,  manufacturing,  and 
management  functions  must  provide  for  the  efficient  iteration  and 
closure  of  both  the  product  design  and  the  process  design. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


4 


CRTA-CE 


•  CONFLICT  RESOLUTION  -  The  methodology  must  also  identify 
conflicting  requirements  and  support  their  effective  resolution  through  an 
objective  choice  of  options  bas^  upon  a  quantitative  or  a  qualitative 
comparison  or  trade-o^,  as  appropriate. 

•  OPTIMIZATION  OF  BOTH  THE  PRODUCT  AND  PROCESS  DESIGN  -  It 
must  assure  the  best  possible  design,  within  the  given  constraints. 

1.2.3  The  Philosophy:  Continuous  and  Aggressive  E)esign  Improvement 

The  philosophy  of  CE  contains  a  number  of  key  elements  including: 

•  CONTINUOUS,  OPEN  COMMUNICATION  -  This  inch 
communication  between  customer  and  vendor,  both  within 
customer's  organization  and  the  vendor's  organizations. 

•  COMPLETE  UNAMBIGUOUS  STATEMENT  OF  USER  REQUIREMENTS  - 
This  statement  of  requirements  must  include  definitive  priorities  of  the 
various  requirements  to  be  applied  in  case  a  trade-off  analysis  becomes 
necessary. 

•  COMPLETE  UNAMBIGUOUS  DESCRIPTION  OF  THE  PRODUCT  AND 
ITS  RELATED  PROCESSES  -  The  goal  should  be  to  establish  a  dose 
working  relationship  and  open  lines  of  communication  between  the 
customer  and  the  vendor. 

•  BASELINE  PRODUCT  AND  PROCESS  EVALUATION  -  This  evaluation 
must  be  completed  prior  to  full  scale  production.  It  should  indude 
benchmarking  of  the  proposed  product  against  similar  world-class 
products. 

1.3  Some  Common  Misconceptions  Regarding  CE 

There  are  a  number  of  common  misconceptions  relating  to  CE  that  should  be 
addressed  and  corrected.  The  truths  regarding  CE  indude  the  following: 

•  CE  IS  NOT  A  MAGIC  FORMULA  FOR  SUCCESS  -  A  talented  design  and 
production  team  and  a  lot  of  hard  work  is  still  necessary  to  assure  a 
successful  end  product.  It  means  using  a  sdentific  approach,  making 
dedsions  based  on  data  rather  than  hunches,  looking  for  antecedent  causes 
of  problems  rather  than  reacting  to  superficial  symptoms,  seeking 
permanent  solutions  rather  than  relying  on  quick  fixes.  This  is 
accomplished  by  utilizing  techniques  such  as  experimental  design, 
simulation  modeling,  and  mathematical  analyses  to  seek  to  provide  a 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-09(X) 


CRTACE 


5 


deeper  understanding  of  interrelationships  and  determine  root  cause 
effects. 

•  CE  DOES  NOT  ELIMINATE  ANY  ENGINEERING  FUNCTION  -  In  CE  all 
downstream  processes  are  co-designed  toward  a  more  all-encompassing, 
cost-effective  design  solution.  Specialty  engineering  contributions  should 
accentuate  finding  root  causes  and  solutions  to  these  problen\s. 

•  CE  DOES  NOT  SIMPLY  OVERLAP  THE  DESIGN  AND  PRODUCTION 
TASKS  -  The  design  of  both  the  product  and  the  downstream  processes  are 
to  be  completed  prior  to  the  start  of  any  production. 

•  CE  IS  NOT  JUST  DESIGN  FOR  PRODUCIBILITY,  OR  DESIGN  FOR 
RELIABILITY,  OR  DESIGN  FOR  MAINTAINABILITY  -  CE  involves  the 
optimization  and  integration  of  all  design  disciplines  within  a  cost- 
effective  design  process. 

•  CE  IS  NOT  SIMPLY  CONSERVATIVE  DESIGN  -  CE  attempts  to  optimize 
the  design  over  a  larger  set  of  processes  and  determines  how  to  achieve 
the  requirements  using  the  lower  costs. 

•  CE  DOES  NOT  IMPLY  CONSERVATISM  IN  THE  INCORPORATION  OF 
NEW  TECHNOLOGIES  IN  THE  PRODUCT  -  Thorough  understanding  of 
the  design  and  control  of  their  applicable  manufacturing  processes  are  the 
essential  elements. 

•  CE  DOES  NOT  REQUIRE  CONSERVATIVE  TESTING  STRATEGY  -  CE 
tries  to  approach  one-pass  designs;  rather  than  repeated  test-and-fix  design 
cycles.  In  software  design,  a  negative  correlation  has  actually  been  found 
[Reference  3]  between  the  reliability  of  the  software  and  the  number  of  trial 
debugging  runs  performed  by  the  designer  (i.e.,  DO  IT  RIGHT  THE  FIRST 
TIME!). 

•  CE  DOES  NOT  IMPLY  CONSERVATIVE  INSPECTION  STRATEGIES  -  CE 
seeks  to  achieve  production  repeatability  through  design  robustness  of 
both  the  product  and  its  production  process,  i.e.  a  production  process  that 
provides  adequate  means  for  the  monitor  and  control  of  its  essential 
parameters. 

1.4  The  Benefits  of  Concurrent  Engineering 

Some  of  the  benefits  derived  from  using  a  concurrent  engineering  design 
approach  rather  than  the  conventional  serial  design  approach  include: 

•  A  SIGNIFICANT  REDUCTION  IN  THE  TIME  NECESSARY  TO  ITERATE 
A  DESIGN  -  Design  analyses  which  formerly  took  several  engineers  weeks 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


6 


CRTA-CE 


to  determine,  can  now  be  accomplished  in  several  hours  using  automated 
design  tools. 

•  DEVELOPMENT  OF  RAPID  REPRESENTATIVE  PROTOTYPES  -  A 
prototype  which  accurately  reAects  both  the  design  and  the  manufacUuing 
process  becomes  easier  to  accomplish  as  the  design  process  is  moved  out  of 
the  laboratory  and  onto  engineering  workstations.  Using  modem  digitally 
based  manufacturing  techniques  such  as  Aexible  man^acturing,  stereo¬ 
lithography  (e.g.,  3-D  printing  and  selective  laser  sintering  it  is  possible  to 
quickly  and  economically  execute  prototypes,  from  a  variety  of  materials, 
which  accurately  reAect  the  form.  At,  and  funcAon  of  the  final  production 
configuration.  The  necessary  digital  design  data  comes  directly  from  the 
applicable  CAD  workstation. 

•  ELIMINATION  OF  "FUNCTIONAL  STOVEPIPE"  MENTALITY  - 
Sophisticated  computerized  tools  permit  designers  to  begin  considering 
the  implications  of  each  "ility"  much  earlier  in  the  design  cycle. 

•  PHYSICAL  PROXIMITY  IS  NOT  NECESSARILY  REQUIRED  -  A  common 
electronic  database  may  eliminate  the  need  to  consolidate  the  design  team 
at  a  single  location.  CE  promotes  an  improved  interchange  of  information 
between  the  various  engineering  disciplines. 

•  DESIGN  CHANGES  ARE  IMMEDIATELY  AVAILABLE  TO  ALL  TEAM 
MEMBERS  -  With  a  common  electronic  database,  design  changes  made  by 
one  team  member  are  immediately  available  for  evaluation  by  all  of  the 
team  members. 

•  REDUCED  TOOLING  IMPACT  -  CAD/CAM-based  Aexible  manufacturing 
conAgurations  minimize  the  tooling  impact  of  changes  and  permit  rapid 
correction  of  most  design-oriented  problems. 

•  REDUCED  NEED  FOR  MOCK-UPS  -  Effective  computerized  models 
Aequently  reduce  or  eliminate  a  need  for  mock-ups.  This  becomes  more 
obvious  as  the  design  process  is  moved  out  of  the  laboratory  and  onto 
engineering  workstations  with  enhanced  graphic  presentations. 

•  WITH  CE  QUALITY  ASSURANCE  BECOMES  A  PROBLEM  SOLVER 
RATHER  THAN  A  "POLICEMAN"  -  The  major  role  of  QA,  is  changed 
from  simply  finding  bad  parts  to  reducing  process  variability  which 
ensures  the  stability  of  the  manufacturing  process  and  prevents  the 
making  of  bad  parts. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


1.5  Management  Challenges  of  Concurrent  Engineering 

The  implementation  of  CE  within  an  organization  familiar  with  a  serial  design 
process  is  not  going  to  be  easy. 

CE  REQUIRES  A  BASIC  CHANGE  IN  THE  WAY 
COMPANIES  CONDUCT  BUSINESS 

In  contrast  to  the  historic  philosophy,  manufacturing  and  tooling  personnel 
must  now  be  an  integral  part  of  the  design  team.  Also,  Statistical  Process  Control 
(SPC)  is  absolutely  essenti^  to  control  and  reduce  process  variability. 

Middle  Management  is  frequently  the  most  difficult  sector  to  get  involved  in  this 
revolutionary  change.  The  associated  cultural  and  management  changes  are  usually 
harder  to  direct  than  are  the  technical  changes. 

1.6  The  Multi-Discipline  Team  Concept 

A  fundamental  tenet  of  CE  is  that  an  organization's  most  valuable  resource  is  its 
people.  Yet  to  be  successful,  these  people  must  work  together  effectively  in  teams. 

The  formation  of  a  multi-discipline  product/process  development  team  and  the 
molding  of  these  various  individual  specialists  into  a  productive  working 
relationship  (i.e.,  team  building)  are  aitical  to  the  success  of  CE.  The  team  must  be 
composed  of  individuals  who  have  the  vision  and  the  ingenuity  to  do  things 
differently,  and  yet  interface  harmoniously.  The  success  of  a  CE  project  clearly 
depends  upon  the  ability  of  these  team  members  to  work  together. 

Problem  solving  is  the  key  role  of  the  team.  Problem  solving  in  the  product  and 
process  definition  of  a  complex  system  goes  beyond  decision  making  -  it  includes 
defining  the  problem,  generating  alternate  solutions,  re-evaluating  alternatives, 
selecting  alternatives,  and  implementing  the  solution.  These  problems  are  multi- 
leveled,  multi-dimensional,  and  multi-disciplinary  -  all  of  the  information  required 
to  form  a  solution  may  not  be  available,  and  the  available  information  may  be  based 
on  judgment  and  experience.  Hence,  initial  concentration  will  be  placed  on 
blending  human  rather  than  technical  aspects  of  the  team. 

The  multifunctional  nature  of  the  team  further  complicates  group  d)mamics 
because  of  language  barriers,  perceptions  of  unequal  status,  and  general  cultural 
barriers  to  teamwork.  Yet  achieving  consensus  among  members  of  a  CE  team,  i.e., 
arriving  at  a  product  and  process  definition  that  every  team  member  accepts,  is  the 
goal.  Thus  all  team  members  must  be  satisfied  with  the  design,  accept  ownership  of 
it,  and  become  responsible  for  it. 

There  are  various  methods  and  management  practices  to  help  overcome  these 
difficulties  and  to  accomplish  CE  product  and  process  definition.  These  different 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St,  Rome,  NY  13440-6916  •  315-337-0900 


8 


CRTACE 


methods  must  be  adequately  explored  to  find  those  methods  which  are  most 
effective  for  a  given  organization.  Every  effort  should  be  made  by  management  to 
enable  the  team  and  remove  existing  barriers  to  ensure  that  the  various  team 
members  individually  accept  ownership  of  the  CE  processes  and  the  responsibility, 
authority,  and  accountability  for  the  CE  product. 

A  cornerstone  of  this  emphasis  on  human  resources  and  teamwork  is  training  in 
the  underlying  philosophy  of  continual  improvement,  the  tools  and  techniques  of 
the  scientific  approach  to  problem  solving,  and  the  skills  required  to  work  together 
effectively  in  a  team  setting. 

As  processes  become  more  sophisticated  and  automated,  corporate  success 
becomes  people  dependent  rather  than  technology  dependent.  Instead,  human 
skills  and  especially  team  working  skills  must  be  developed  simultaneously  with 
computer  software  and  equipment  hardware,  and  then  managed  in  such  a  way  that 
they  reinforce  each  other.  [6] 

In  the  final  analysis  the  success  of  CE  in  any  organization  depends  largely  on  the 
success  of  the  building  and  operation  of  these  multi-discipline  teams.  [7] 

1.7  The  Need  for  Concurrent  Engineering  References 

[1]  Hall,  D.,  et  al,  "CALS  Technical  Report  001  -  Integration  of  R  &  M  into  the 
Automated  Design  Process,"  CALS  Industry  Steering  Group,  March  1988. 

[2]  Winner,  R.  J.,  et  al,  "The  Role  of  Concurrent  Engineering  in  Weapons 
Systems  Acquisition,"  Institute  for  Defense  Analysis,  Report  R-  338, 
December  1988 

[3]  Keene,  S.,  "Software  Reliability  Directions,"  Reliability  Review,  ASQC, 
March  1991 

[4]  Richter,  Dr.  K.J.,  "Concurrent  Engineering  Some  Definitions  and  Issues,"  '92 
Product  Assurance  Forum,  April  1992 

[51  Smith,  L.C.,  "Quality  Function  Deployment  and  Its  Application  in 
Concurrent  Engineering,"  '92  Product  Assurance  Forum,  April  1992 

[61  Hays,  R.L.,  et  al.,  "Dynamic  Manufacturing:  Creating  the  Learning 
Organization,"  The  Free  Press,  New  York,  NY,  1988 

ITl  Richter,  Dr.  K.J.,  "Organization  and  Management  of  Concurrent 
Engineering  Team,"  '92  Product  Assurance  Forum,  April  1992 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440^916  •  315-337-0900 


SECTION  2 


ROBUST  CIRCUIT  DESIGN 


CRTA-CE 


11 


2.0  ROBUST  aRCUTT  DESIGN 

Robust  Circuit  Design  is  an  integral  part  of  concurrent  engineering.  A  robust 
design  minimizes  less-than-optimal  interactions  among  a  product's  parts  caused  by 
external  factors  such  as  manidacturing  process  variations,  abusive  operation  and  the 
environment.  A  robust  design  seeks  to  reduce  product  sensitivity  to  the  sources  of 
variability  through  careful  selection  of  design  values.  Besides  minimizing 
deviations  within  a  product,  a  robust  design  seeks  to  insulate  the  product  against 
outside  sources  of  variability  in  manufacturing  and  use  [Reference  1]. 

In  a  similar  manner  the  production  processes  utilized  can  also  be  designed  for 
robustness.  An  example,  for  electronic  circuits,  might  be  the  selection  of  a  specific 
soldering  process  i.e.,  vapor-phase  reflow  soldering,  versus  wave-flow  soldering, 
versus  hand  soldering  and  then  the  subsequent  optimization  of  that  specific 
soldering  process.  Unfortimately  however,  a  detailed  study  of  production  process 
robustness  is  beyond  the  scope  of  this  treatise.  Two  excellent  sources  for  this  type  of 
information  are:  the  Electronic  Manufacturing  Productivity  Facility  (EMPF) 
[Reference  2]  and  the  Manufacturing  Technology  Information  Analysis  Center 
[Reference  31. 

The  goal  of  robust  circuit  design  is  to  select  design  values  that  maximize  key 
product  characteristics  in  relation  to  expected  variations.  The  problem  is  that  it  is 
hard  to  select  optimum  design  values  because  there  are  so  many  variations. 
Interaction  between  design  values  and  external  factors  are  often  so  complex,  that  the 
cost  and  difficulty  of  analyzing  them  is  overwhelming. 

To  overcome  this  obstacle  of  complexity,  a  robust  circuit  design  approach  seeks  to 
integrate  the  outputs  of  various  analytical  tools  to  address  not  only  the  concerns  of 
design  functionality  but  also  its  reliability,  testability,  producibility,  environmental 
sensitivity  and  long-term  life  of  the  electronic  circuits  and  s5rstems. 

A  ROBUST  DESIGN  IS  A  DESIGN  THAT  EXHIBITS 
MINIMAL  SENSITIVITY  TO  BOTH  EXTERNAL  AND  INTERNAL  INFLUENCES. 

These  influences  include  (but  are  not  limited  to): 


Temperature  Voltage 

Cooling  Changes  Vibration 

Part  Manufacturing  Variation  Shock 

Part  Aging  Characteristics  Radiation 

Load  Changes  EMI 


A  robust  design  approach  addresses  the  potential  variability  of  the  individual 
components  from  which  the  circuit  is  assembled  and  the  manner  in  which  these 
parts  typically  fail,  the  effect  of  environmental  influences  upon  the  proper 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St,  Rome,  NY  1344(W916  •  315-337-0900 


12 


CRTA-CE 


functioning  of  the  circuit,  and  the  ability  to  successfully  test  the  circuit  after  it  has 
been  manufactured. 

In  theory  CE  does  not  require  automation,  but  modern  electronic  design  is 
heavily  dependent  upon  automation  as  a  practical  necessity.  Therefore,  in  this  case, 
CE  is  dependent  upon  the  effective  use  of  automated  tools.  Specific  objectives  in 
the  use  of  these  automated  tools  in  a  Robust  Circuit  Design  approach  are: 

•  To  identify  and  utilize  Modem  Analytical  Tools  to  optimize  the  circuit 
design  from  a  functional,  reliability,  maintainability  and  testability 
viewpoint.  The  majority  of  these  analysis  techniques  have  now  been 
automated.  Specific  examples  of  commercial  software  tools  to  aid  in  the 
performance  of  these  and  other  related  analyses  are  discussed  in  greater 
detail  in  Section  7.0,  "Currently  Available  Automated  Tools." 

•  To  understand  the  strengths,  weaknesses  and  limitations  of  these  tools  so 
that  they  can  be  used  cost-effectively  in  their  application. 

•  To  integrate  the  results  of  each  individual  analytical  technique  into  a 
coherent  total  design  package. 

While  a  major  thrust  of  the  Robust  Circuit  Design  approach  is  centered  on  circuit 
analysis,  it  is  equally  concerned  with  integrating  the  outputs  of  each  of  the  various 
distinct  "ilities"  into  a  complete  concurrent  design  package. 

A  robust  circuit  design  approach  deals  with  many  different  topics.  It  is  concerned 
with  mathematics  and  statistics  including:  Error  Considerations,  Approximations 
and  Evaluation  Limitations,  Sensitivity  Analysis  Methods,  Random  Variable 
Theory,  Combining  Random  Variables,  Part  Value  Distributions,  Normal 
Distribution  Tables,  and  the  Central  Limit  Theorem  together  with  their  application 
to  circuit  analysis. 

Robust  circuit  design  considers  anticipated  variations  in  part  parameters  of  both 
newly  received  devices  and  variations  which  result  from  aging  and  environmental 
factors.  These  part  parameter  changes  must  be  combined  for  each  applicable  part. 
However,  there  are  usually  numerous  ways  to  combine  these  parameter  changes. 
Furthermore,  part  parameter  changes  are  not  always  constant  and  monotonic  with 
changes  in  the  environment;  therefore,  a  sensitivity  analysis  of  the  part  parameters 
must  be  considered.  Development  of  a  part  tolerance  database  which  contains 
applicable  part  parameter  data  for  each  design  element  can  help  in  the  sensitivity 
analysis.  Once  components  are  integrated  into  a  circuit,  the  designer  must  be 
concerned  that  the  circuit  will  function  properly  under  all  foreseeable  circumstances 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440^916  •  315-337-0900 


CRTA-CE 


13 


Thus  robust  circuit  design  is  concerned  with: 

•  Proper  parts  application  and  stress  analysis  including:  misapplication  of 
parts  and  the  interrelationship  between  thermal  and  electrical  stresses. 

•  Excessive  stresses  on  the  parts  possibly  resulting  in  permanent  damage  to 
the  parts. 

•  Circuit  analysis  including:  circuit  attributes  and  circuit  partitioiung,  circuit 
and  part  models  and  algorithms,  and  data  combining  methods  such  as: 
Extreme  Value  Analysis  (EVA),  Root  Svim  Squared  (RSS)  and  Monte  Carlo 
Simulation. 

•  Determination  of  a  circuit's  inherent  testability  and  test  signal 
optimization. 

•  Availability  of  automated  design  analysis  tools  (i.e.,  circuit  analysis, 
mathematical /graphical  analysis,  reliability  &  maintainability,  and 
testability  tools). 

•  Providing  proper  design  documentation  to  the  customer:  documentation 
adequacy,  report  format,  and  potential  pitfalls  in  the  documentation. 

•  Management  considerations:  initiating  and  controlling  the  analysis  task, 
interpreting  the  results,  risk  assessment  and  cost. 

2.1  Robust  Circuit  Design  Parts  Database 

Various  analyses  are  required  to  verify  that  electronic  hardware  will  comply  with 
specification  requirements  over  the  design  life.  These  analyses  can  be  complex 
requiring  the  use  of  various  computer  software  tools  to  adequately  address  the 
problem.  Most  of  the  circuit  analyses  require  a  detailed  inventory  of  the  piece  parts, 
their  initial  parameter  values  and  estimates  of  the  degree  of  change  that  can  be 
expected  wi^  these  parameters.  This  situation  can  best  be  handled  with  a  database 
management  system. 

Piece  part  parameter  values  are  affected  by  one  or  more  environmental 
conditions  and  a  number  of  methods  are  available  for  combining  the  effects  of  these 
environmental  factors.  The  part  level  database  provides  a  quantitative  assessment 
of  all  sources  of  variability  for  each  part  type  utilized  in  the  system.  The  statistical 
summation  of  the  variability  provides  il;e  basis  of  part  values  which  describe  the 
items  worst  case  minimum,  and  worst  case  maximum  parameters.  This  part 
database  becomes  the  foundation  for  all  CE  analyses  for  a  given  system.  All  analysts 
now  use  identical  source  data. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


14 


CRTA-CE 


The  part  database  accounts  for  cdl  part  parameter  variations  including  those  due 
to:  initial  tolerance,  environmental  effects  and  changes,  aging  and  life.  Usually  part 
types  have  more  than  one  parameter  that  is  significant  to  circuit  analyses.  These 
include  voltage,  current,  power  dissipation,  resistance,  etc.  Also,  there  are  two 
distinct  types  of  part  parameter  variations:  1)  biases,  those  that  are  predictable  in 
direction,  and  2)  random,  those  that  are  not  predictable  in  direction.  Both  are 
predictable  in  magnitude.  Both  the  bias  changes  and  the  random  changes  must  be 
addressed  in  the  parts  database. 

2.2  Environmental  Considerations 

Table  1  illustrates  some  of  the  most  important  and  common  environmental 
effects  including:  temperature,  aging  (powered),  radiation,  humidity,  mechanical 
(vibration /shock/ acceleration /spin),  life  (impowered),  vacuum,  and  electrical  stress. 

A  study  of  the  dominant  environmental  effects  on  part  operating  parameters  is 
essential  to  robust  circuit  design.  Additionally,  a  basic  knowledge  of  semiconductor 
and  component  materials  is  invaluable  to  the  analyst  and  designer  in  assessing 
these  environmental  effects.  Applying  this  knowledge  early  in  the  design  phase 
precludes  and  minimizes  the  later  occurrence  of  reliability  related  problems. 


TABLE  1:  PART  TYPES  VS.  PRINOPLE  SOURCES  OF  VARIATION 


TRAN¬ 

SISTOR 

DIODE 

ZENER 

DIODE 

DIGITAL 

IC 

LINEAR 

X 

tk. 

BSjI 

CAP¬ 

ACITOR 

INDUC¬ 

TOR 

RELAY 

X 

X 

X 

Note  1 

Note  1 

X 

X 

X 

Aging 

X 

X 

X 

X 

Radiation 

X 

X 

X 

X 

X 

Mechanical 

X 

X 

X 

X 

Humidity 

X 

X 

Life 

X 

X 

Vacuum 

X 

X 

Electrical 

X 

X 

X 

X 

X:  Significantly  effected  by  environment. 


Note  1:  Performance  limits  are  usually  specified  over  the  entire  temperature  range;  interpolation  is 

usually  not  possible. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


2.3  Robust  Circuit  Analysis 

In  a  typical  circuit  analysis  there  are  three  possible  methods  for  presenting  results 
and  combining  part  data.  They  are: 

•  Extreme  Value  Analysis  (EVA) 

•  Root’Sum-Squared  Analysis  (R^) 

•  Monte  Carlo  Simulation 

All  three  methods  require  a  part  database  with  part  operating  parameter  data,  but 
each  utilize  and  combine  data  from  the  database  in  different  ways  thus  giving 
different  numerical  results.  Two  of  the  methods,  RSS  and  Monte  Carlo,  are 
statistical.  They  consider  that  the  piece  part  parameter  variations  are  totally  random 
in  nature. 

EVA,  RSS  and  Monte  Carlo  Simulation  techniques  will  be  examined  in  the 
following  sections  with  their  respective  database  requirements  and  error  sources 
explained.  Also,  we  will  examine  situations  where  piece  part  parameter  variations 
consist  of  both  bias  and  random  components.  Differences  in  analysis  results  for  each 
of  the  three  techniques  will  also  be  presented. 

2.3.1  Extreme  Value  Analysis  (EVA)  or  Absolute  Worst  Case 

EVA  is  the  most  readily  obtainable  estimate  of  a  circuits  worst  case  performance 
and  it  does  not  require  statistical  inputs  for  circuit  parameters.  It  is  the  simplest  of 
the  three  approaches  to  use  and  yields  the  most  conservative  results.  It  is  often  used 
in  situations  where  high  reliability  is  a  critical  factor.  An  EVA  utilizes  limits  of  a 
pcirts  variability  and  the  circuit  directional  sensitivities  to  part  variations  as  inputs 
to  the  analysis.  The  database  need  supply  only  part  parameter  variation  extremes. 
EVA  results  illustrates  a  pessimistic  estimate  of  a  circuit's  worst  case  performance.  If 
the  EVA  indicates  a  circuit  failure,  additional  investigation  may  be  warranted  to 
assess  the  actual  risk  of  a  failure.  A  statistical  worst  case  estimate  requires 
considerably  more  computation  but  it  usually  gives  a  less  pessimistic  answer. 

2.3.2  Root-Sum-Squared 

RSS  deals  primarily  with  bias  variations.  The  RSS  analysis  technique  calculates 
the  standard  deviation  of  a  circuit  attribute  based  on  the  standard  deviations  of  the 
piece  part  parameters.  This  implies  that  the  piece  part  parameters  exhibit  random 
variations  but  knowledge  of  the  component  parameter's  probability  density  function 
(PDF)  is  not  required.  RSS  assumes  that  circuit  sensitivities  remain  constant  over 
the  range  of  parameter  variability  and  uses  an  approximation  that  circuit 
performance  variability  is  normally  distributed  (i.e..  Central  Limit  Theorem).  Thus, 
the  standard  deviation  of  the  piece  part  parameter  probability  distribution  is 
required.  RSS  is  defined  by  the  biases  and  the  standard  deviations  of  the  parts 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440^916  •  315-337-0900 


16 


CRTA-CE 


variability  and  circuit  sensitivities  (i.e.,  the  magnitude  and  the  direction  of  the 
changes). 

To  perform  an  RSS  analysis  an  EVA  is  performed  first  using  only  the  bias 
portion  of  the  piece  part  parameter  variations  to  determine  the  minimum  and 
maximum  circuit  attribute  values.  The  RSS  analysis  is  then  performed  using  only 
the  random  portion  of  the  piece  part  parameter  variations  to  determine  the  3s  limits 
for  the  circuit  attribute.  Then,  the  calculated  3s  values  are  added  to  the  results  of  the 
EVA  to  obtain  the  RSS  minimum  and  maximum  attribute  values. 

Thus  RSS  results  in  a  better  estimate  of  the  true  worst  case  performance  than 
EVA,  RSS  also  provides  some  degree  of  risk  assessment  in  terms  of  the  percentage 
of  units  expected  to  pass  or  fail.  Figure  2  gives  us  a  visual  pK>rtrayal  of  the  RSS 
approach  to  parameter  variation.  The  distribution  is  divided  into  the  three  different 
elements  separating  the  positive  and  negative  bias  portions  of  variation  from  the 
random  portions  of  variation. 

2.3.3  Monte  Carlo  Simulation 

For  a  Monte  Carlo  simulation  the  probability  distribution  of  the  part  variability  is 
the  key  item  of  interest.  It  requires  an  accurate  knowledge  of  the  piece  part 
parameter  PDF.  It  provides  the  most  realistic  estimate  of  true  worst  case 
performance  of  the  three  methods  and  provides  additional  information  which  can 
be  applied  to  risk  assessment.  Monte  Carlo  simulation  requires  the  use  of  a  drcait 
simulation  tool  and  requires  considerable  computational  time. 

W/O  BIASES 


abiasmin  I  Abiasmax 

NEGATIVE  Anom  POSITIVE 


FIGURE  2:  RSS  ANALYSIS 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


17 


2.3.4  Application  of  the  Various  Methods 

As  we  have  seen  there  are  three  different  methods  of  dealing  with  parameter 
variations.  The  question  becomes  which  method  should  be  used  in  a  given 
situation? 

EVA  should  be  used  as  the  basic  approach  during  the  design  and  development 
phase.  It  is  the  simplest  technique,  is  easy  to  apply  and  has  the  most  elementary 
database  requirements.  If  the  design  fails  to  meet  its  performance  requirements 
during  an  EVA,  the  design  should  be  modified  if  possible. 

However,  there  are  some  occasions  when  this  is  not  appropriate: 

•  If  the  design  is  currently  in  production  or  fielded,  a  RSS  or  Monte  Carlo 
analysis  should  be  performed.  They  are  statistically  correct  and  less 
conservative  than  the  EVA  and  better  at  detennining  the  true  magnitude 
of  the  problem. 

•  When  the  design  topology  is  such  that  an  EVA  analysis  is  obviously  too 
conservative. 

2.4  Taguchi  Methods  and  Design  of  Experiments  (DOE) 

The  creation  of  robust  designs  is  the  goal  of  much  of  the  work  of  Genichi 
Taguchi,  a  noted  Japanese  quality  expert.  Starting  with  a  concept  of  quality  which 
equates  variation  to  loss,  Taguchi  promulgates  the  design  of  system  parameters  to 
minimize  output  variability  despite  changes  in  use  conditions,  using  his  own 
approach  to  the  Statistical  Design  of  Experiments  to  determine  the  effects  of  design 
and  use  factors  on  system  output. 

The  foundation  for  Taguchi's  work  is  his  loss  function,  which  basically  states 
that  any  deviation  from  a  design  target  represents  a  loss,  with  the  loss  proportional 
to  the  square  of  the  deviation.  Figure  3  compares  this  concept  to  the  more 
traditional  idea  that  it  is  sufficient  for  a  product  to  be  "in  spec."  The  left  side  of 
Figure  3  depicts  the  latter.  All  product  between  the  lower  specification  limit  and  the 
upper  specification  limit  is  considered  good.  For  obvious  reasons,  this  can  be  called 
the  "goal  post"  concept.  Products  showing  a  distribution  in  a  specified  parameter 
following  curves  A  or  B  in  the  figure  would  be  considered  good  since  most  of  the 
product  fits  between  the  specification  limits.  In  contrast,  the  right  side  of  Figure  3 
shows  the  loss  function.  Both  distribution  A  and  distribution  B  would  be 
considered  poor,  even  though  most  of  the  product  is  within  the  specification  limits. 
Distribution  A  has  too  wide  a  spread  and  distribution  B  is  centered  off  the  target.  In 
both  cases,  there  is  a  loss  created.  This  loss  can  be  direct  cost  to  the  manufacturer 
(e.g.  in  reworking  assemblies  when  off-target  parts  will  not  work  together)  or  a  "loss 
to  society"  (e.g.  off-target  pistons  will  produce  less  power  and  waste  more  fuel  than 
those  on-target). 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St,  Rome,  NY  13440-6916  •  315-337-09(X) 


18 


CRTA-CE 


nGURE3:  TAGUCHI  LOSS  FUNCTION 


The  loss  function  in  Figure  3  is  based  on  a  target  value.  There  are  also 
parameters  which  are  best  minimized  (e.g.  defects)  and  some  best  maximized  (e.g. 
miles  per  gallon).  Figure  4  provides  the  loss  functions  for  all  three  cases.  When  a 
value  of  (k)  is  determined  (e.g.  by  estimating  the  rework  costs  for  parts  at  the 
specification  limits)  loss  can  ^  computed  in  monetary  terms.  However,  it  is 
recommend  that  any  such  computation  be  used  as  a  relative  measure  to  quantify  the 
effects  of  proposed  improvements  rather  than  be  considered  an  absolute  measure  of 
actual  loss. 

Since  variation  is  equated  to  loss,  it  follows  that  design  should  be  created  to 
minimize  loss.  Figure  5  is  a  theoretical  fimction  relating  the  output  of  a  system  to 
some  input  parameter.  As  shown,  when  the  input  parameter  varies,  the  system 
output  ^so  varies,  but  setting  the  parameter  at  point  A  will  cause  more  variation, 
and  hence  loss,  than  setting  it  at  point  B.  Thus  the  designer  would  be  best  advised  to 
create  a  system  with  the  desired  output  produced  when  the  input  is  set  to  operate  at 
point  B. 

The  output  of  a  system  is,  of  course,  affected  by  more  than  one  design  parameter, 
and  also  by  use  parameters  which  cannot  be  controlled  by  the  designer.  Hence,  he  or 
she  must  determine  the  effects  of  all  significant  design  and  use  parameters  on  the 
system  output.  One  way  of  obtaining  this  information  is  through  the  statistical 
design  of  experiments  (DOE). 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440^916  •  315-337-0900 


CRTA-CE 


SINGLE  UNIT  MULTIPLE  UNITS 

NOMINAL  L  -  k(o2  +  A^) 

IS  BEST  L»k(y-T)2  _ 

A2-(y  .T)2 


BIGGER 

IS  BETTER  L«kA 


SL  1 

1 

V 

1 

1 

LSL  T  USL 


SL 


LSL 


SMALLER 

IS  BETTER  L  =  k(y2)  L»k(y^  +  o2) 


SL 


nsi. 


HGURE  4:  LOSS  FUNCTION  EQUATIONS 


HGURES:  PARAMETER  DESIGN 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


20 


CRTA-CE 


One  intent  of  DOE  is  to  identify  those  parameters  which  have  the  greatest  impact 
on  the  output  of  the  system.  This  is  done  through  the  use  of  orthogonal  arrays, 
which  peimit  the  separation  of  the  effects  of  the  di^erent  parameters.  For  example, 
if  a  process  depended  on  only  two  parameters,  temperature  and  pressure,  an 
approach  to  DOE  would  be  to  first  select  a  high  and  low  temperature  and  a  high  and 
low  pressure,  then  run  four  tests:  one  at  high  temperature  and  low  pressure,  one  at 
high  temperature  and  high  pressure,  one  at  low  temperature  and  low  pressure  and 
one  at  low  temperature  and  high  pressure.  Some  output  of  the  process  would  be 
measured  in  each  test.  The  average  of  the  two  readings  at  high  temperature  would 
be  compared  to  the  average  of  the  two  readings  at  low  temperature  to  determine  the 
effects  of  temperature  on  the  process  output.  Similarly,  the  effects  of  pressure  would 
be  determined.  The  parameter  with  the  greater  impact  on  the  process  output  would 
be  considered  the  more  important  to  control. 

Taguchi  uses  many  modifications  to  DOE.  One  pertinent  to  this  discussion  is  the 
transformation  of  the  measured  outputs  into  "signal-to-noise  ratios."  These  are 
measures  which  combine  the  value  of  the  output  with  its  variation.  The  variation 
data  is  obtained  by  repeating  each  test.  In  the  example  above,  each  of  the  four  test 
settings  would  be  used  at  least  twice  each  to  measure  the  variation  in  the  output  at 
each  designated  test  setting.  The  parameter  having  the  greater  effect  on  the  signal- 
to-noise  ratio,  rather  than  on  the  output,  would  be  considered  the  more  important. 
Figure  6  shows  the  formulas  used  to  transform  the  output  measures  into  signal-to- 
noise  ratios. 


SMALLER  IS  BETTER  NOMINAL  IS  BETTER 


1  "f  1  ^ 

S/Nl=-10  Logical  -2- 

Yi  =  ONE  OBSERVATION 
n  =  NUMBER  OF  REPUCATIONS  OF  TEST  RUN 
nGURE6:  SIGNAL-TO-NOISE  RATIOS 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


21 


Although  Taguchi's  methods  are  often  challenged  by  other  statistical  experts, 
they  all  agree  that  variation  is  an  enemy  of  quality.  Robust  design,  defined  as 
designing  for  minimum  variation  in  system  output  despite  expect^  variation  in 
use  conditions,  is  universally  recommended. 

2.5  Robust  Circuit  Design  References 

[1]  "Robust  Circuit  Design  Training  Course"  Copyright  1991,  Reliability 
Analysis  Center,  Rome,  NY 

[2]  Electronics  Manufacturing  Productivity  Facility  (EMPF)  714  North  Senate 
Ave.,  Indianapolis,  IN  46204 

[31  Manufacturing  Technology  Information  Analysis  Center  10  West  35th 
Street,  Chicago,  Illinois  60616 


Reliability  Anal3^is  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  134406916  •  315-337-0900 


22 


CRTA-CE 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St,  Rome,  NY  13440-6916  •  315-337-0900 

( 


SECTION  3 

RELIABILITY  AND  MAINTAINABILITY 

CONSIDERATIONS 


CRTA-CE 


25 


3.0  REUABILITY  AND  MAINTAINABIUTY  CONSIDERATIONS 

This  section  addresses  analytical  methods  which  may  be  used  to  evaluate  various 
design  options  for  their  reliability  and  maintainability  impact.  Under  CE  the 
reliability  engineer  and  the  maintainability  engineer  must  work  with  other 
specialists  to  create  a  globally  balanced  design.  Reliability  enhancements  must  be 
traded  against  a  variety  of  other  considerations.  For  example,  redundancy  has 
obvious  cost,  weight  and  logistics  impacts  which  may  make  it  less  desirable  for 
certain  applications  than  others.  In  addition,  reliability  and  maintainability  tools 
can  help  to  put  potential  design  options  into  their  true  perspective.  Added  design 
features  may,  for  example,  cause  sneak  circuits  which  the  reliability  engineer  must 
identify  and  eliminate.  Failure  modes  and  effects  analysis  can  help  evaluate  the 
inherent  risks  of  different  design  approaches.  When  design  trade-offs  have  been 
made,  the  reliability  and  maintainability  engineers  must  make  sure  that  the 
anticipated  R  &  M  characteristics  are  actually  achieved  in  service.  These 
responsibilities  will  be  met  using  engineering  principles  and  analytical  techniques 
described  in  various  military  specifications  and  standards.  This  section  will  briefly 
discuss  the  pertinent  documents  and  the  analytical  techniques  which  they  describe 
in  much  greater  detail. 

3.1  Reliability  Program 

For  DoD  related  programs  most  reliability  requirements  are  delineated  in  MIL- 
STD-785,  "Reliability  Program  For  Systems  and  Equipment  Development  and 
Production."  This  standard  addresses  specific  reliability  tasks  and  describes  them  in 
limited  detail.  The  standard  also  contains,  in  Appendix  A,  detailed  guidelines  for 
tailoring  of  tasks  to  the  needs  of  a  specific  program.  MIL-STD-785  is  an  excellent 
guidance  document  for  commercial  programs  as  well. 

MIL-STD-785  contains  eighteen  different  Reliability  Tasks  (Table  2)  grouped  in 
three  categories:  (1)  Reliability  Accounting  Tasks,  (2)  Reliability  Engineering  Tasks 
and  (3)  Reliability  Management  Tasks.  The  second  group  of  tasks  related  to 
reliability  engineering,  are  the  tasks  that  are  most  applicable  to  concurrent 
engineering. 

Reliability  engineering  tasks  focus  on  the  prevention,  detection,  and  correction 
of  reliability  design  deficiencies,  weak  parts,  and  workmanship  defects.  An  effective 
reliability  program  stresses  early  investment  in  reliability  engineering  tasks  to  avoid 
subsequent  additional  costs  and  schedule  delays.  A  brief  synopsis  of  those  tasks 
applicable  to  concurrent  engineering  are  presented  below. 

Task  104:  Failure  Reporting.  Analyses,  &  Corrective  Action  Systems  (FRACAS) 

Early  identification  and  elimination  of  potential  failure  causes  is  key  to  improving 
system  reliability.  The  sooner  failure  causes  are  identified  the  easier  it  is  to 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


26 


CRTACE 


TABLE  2:  MIL-STI>785B  APPUCATION  MATRIX 


PROGRAM  PHASE  I 

TASK 

Concept 

Valid 

FSED 

PROD 

TASK 

TITLE 

TYPE 

101 

Reliability  Program  Plan 

MGT 

S 

S 

G 

G 

102 

Monitor /Control  of 
Subcontractors  and  Suppliers 

MGT 

S 

S 

G 

G 

103 

Program  Reviews 

MGT 

S 

S(2) 

G(2) 

G(2) 

104 

Failure  Reporting,  Analysis, 
and  Corrective  Action  System 
(FRACAS) 

ENG 

N/A 

S 

G 

G 

105 

Failure  Review  Board  (FRB) 

MGT 

N/A 

S(2) 

G 

G 

201 

Reliability  Modeling 

ENG 

S 

S(2) 

G(2) 

GC(2) 

202 

Reliability  Allocations 

ACC 

S 

G 

G 

GC 

203 

Reliability  Predictions 

ACC 

S 

S(2) 

G(2) 

GC(2) 

204 

Failure  Modes,  Effects  and 

ENG 

S 

S(l)(2) 

G(l)(2) 

GC(l) 

Criticality  Analysis 
(FMECA) 

(2) 

205 

Sneak  Circuit  Analysis  (SCA) 

ENG 

N/A 

N/A 

G(l) 

GC(l) 

206 

Electronic  Parts/Circuits 
Tolerance  Analysis 

ENG 

N/A 

N/A 

G 

GC 

207 

Parts  Program 

ENG 

S 

S(2) 

G(2) 

G(2) 

(3) 

208 

Reliability  Critical  Items 

Mcn- 

S(l) 

S(l) 

G 

G 

209 

Effects  of  Functional  Testing, 
Storage,  Handling, 

Packaging,  Transportation 
and  Maintenance 

ENG 

N/A 

S(l) 

G 

OC 

301 

Environmental  Stress 
Screening  (ESS) 

ENG 

N/A 

S 

G 

G 

302 

Reliability 

Development/Growth  Testing 

ENG 

N/A 

S(2) 

G(2) 

N/A 

303 

Reliability  Qualification 

Test  (RQT)  Program 

ACC 

N/A 

S(2) 

G(2) 

G(2) 

304 

Production  Reliability 
Acceptance  Test  (PRAT) 
Program 

ACC 

N/A 

N/A 

S 

G(2)(3) 

inCE 

Framework 


Program  Phase 


ACC  '  Reliability  Accounting 
ENG  -  Reliability  Engineering 
MCT  Management 


S  Selective^  Applicable 

G  General^  Applicable 

OC  *  Genenlly  Applicable  to  Design  Chaises  Onty 

N/A  -  Not  Applicable 


(1)  Requires  conaider^le  interpretation  of  intent  to  be  coat  effective 

Q)  MIL>STD>785  is  not  the  primaiy  implementation  requirement.  Other  MIL-SIDs  or  statement  of  work  requirements  must  be  included  to  define  the 
requirements. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St,  Rome,  NY  13440^916  •  315-337-0900 


CRTA-CE 


27 


implement  effective  corrective  actions  which  eliminate  the  problem  areas.  To  help 
monitor  and  track  this  process,  a  closed-loop  FRACAS  should  be  employed  early  in 
development  with  information  feedback  loops  to  all  engineering  disciplines. 

Task  105:  Failure  Review  Board  (FRB) 

Acquisition  of  expensive,  complex,  or  critical  equipment  requires  a  formalized 
FRACAS  controlled  by  a  Failure  Review  Board  (FRB)  consisting  of  representatives 
of  the  procuring  agency  and  the  contractor's  engineering,  quality  assurance  and 
manufacturing  personnel.  FRB  is  intended  to  ensure  that  FRACAS  is  properly 
implemented  providing  additional  assurance  of  tightly  controlled  reporting, 
analyses,  and  corrective  actions  on  identified  failiires. 

Task  201:  Reliability  Modeling 

Reliability  modeling  of  the  system,  subsystem  and  equipment  is  required  for 
numerical  apportionments  and  estimates  and  to  evaluate  complex  equipment 
arrangements.  Models  are  developed  early  in  the  program,  even  if  numerical  input 
data  is  limited.  Early  models  can  reveal  conditions  where  management  action  is 
required.  Models  then  evolve  as  the  system  becomes  more  defined  and  data 
becomes  available. 

Reliability  modeling  results,  system  duty  cycle  and  mission  operating  periods  are 
used  to  compute  failure  rate  and  probability  of  mission  success  which  provide 
valuable  insight  to  system  performance. 

Task  202:  Reliability  Allocations 

Reliability  allocations  apportion  the  system  reliability  requirement  to  reliability 
requirements  for  each  of  the  black  boxes  and  lower-level  items.  Reallocation  of  the 
requirements  is  performed  as  more  detailed  information  regarding  the  design 
becomes  known. 

Task  203:  Reliability  Predictions 

Predictions  are  important  in  providing  engineers  and  management  with  the 
quantitative  reliability  information  needed  to  perform  design  tradeoffs  or  to 
compare  competing  designs.  Early  prediction  is  performed  to  determine  feasibility 
of  the  reliability  requirement.  Updates  during  development  and  production  help 
determine  reliability  attainability. 

Predictions  mature  as  the  actual  design  matures  and  exact  data  becomes 
available.  They  also  provide  essential  inputs  to  related  activities  such  as 
maintainability,  safety,  logistics  and  test  planning.  Predictions  establish  a  baseline 
for  estimating  progress  and  performance  to  detect  overstressed  parts  and  pinpoint 
critical  areas  for  redesign. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St,  Rome,  NY  13440-6916  •  315-337-0900 


28 


C3n-A-CE 


Task  204:  Failure  Modes.  Effects,  and  Criticality  Analysis  (FMECA) 

FMECA  allows  potential  design  weaknesses  to  be  identified,  analyzed  and 
evaluated  using  engineering  and  mission  considerations.  It  provides  systematic 
identification  of  likely  modes  of  failure,  possible  effects  of  each  failure,  and  the 
criticality  of  each  failure  with  regard  to  safety,  system  readiness,  mission  success, 
demand  for  maintenance,  logistic  support,  or  other  factors. 

An  initial  FMECA,  performed  at  the  conceptual  phase,  identifies  only  the  more 
obvious  failure  modes.  However,  as  design  definition  matures,  the  FMECA  is 
expanded  to  include  additional  levels  of  indenture  to  the  part  level  if  necessan 

FMECA  can  suggest  areas  where  the  judicious  use  of  redundancy  can 
significantly  improve  mission  reliability  without  unacceptable  impact  on  basic 
reliability  and  areas  where  other  detailed  analyses  should  be  made.  FMECA  results 
can  confirm  the  validity  of  models  used  in  computing  reliability  estimates  at  the 
subsystem  or  functional  level  of  indenture  particularly  where  redundancy  is 
included. 

Task  205:  Sneak  Circuit  Analysis  (SCA) 

SCA  is  used  to  identify  latent  paths  which  niay  cause  unwanted  functions  or 
inhibit  desired  functions  in  electrical  circuits.  It  assumes  that  all  components  are 
functioning  properly.  SCA  is  expensive,  and  is  usually  performed  late  in  the  design 
cycle  after  design  documentation  is  complete.  Unfortunately,  this  makes  subsequent 
changes  difficult  and  costly  to  implement.  SCA  is  usually  considered  only  for  items 
and  functions  which  are  critical  to  safety  or  mission  success  or  where  other 
analytical  techniques  are  not  effective. 

Task  206:  Electronic  Parts /Circuit  Tolerance  Analysis 

This  analysis  examines  the  effects  of  electrical  tolerance  and  parameter  changes 
over  a  range  of  specified  operating  temperatures.  It  considers  expected  component 
value  ranges  due  to  manufacturing  tolerance  variations  and  also  thei’’  drift  due  to 
time  and  temperature.  The  analysis  uses  equivalent  circuits  and  mode-matrix 
analysis  techniques  to  prove  that  the  circuit  or  equipment  will  meet  operating 
specification  requirements  under  all  required  conditions.  Task  206  utilizes  the 
robust  circuit  design  and  analysis  techniques  which  were  discussed  in  Section  2. 

Task  207:  Parts  Program 

Parts  are  the  building  blocks  from  which  the  system  is  constructed.  System 
optimization  can  be  achieved  only  by  paying  particular  attention  to  parts  selection, 
control,  and  application.  This  task  starts  early  and  continues  throughout  the 
development  and  production  of  the  system. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


29 


A  Comprehensive  parts  program  consists  of  the  following  elements: 

•  a  parts  control  program  in  accordance  with  MIL-STD-965 

•  parts  standardization 

•  documented  parts  application  and  derating  guidelines 

•  part  testing,  qualification  and  screening 

The  objective  of  the  parts  program  is  to  control  the  selection  and  use  of  standard 
and  nonstandard  parts. 

Task  208:  Reliability-Critical  Items 

Reliability-critical  items  are  those  whose  failure  can  significantly  affect  safety, 
mission  success,  or  total  maintenance/logistics  support  costs.  They  are  identified 
during  part  selection  and  application.  Critical  items  are  prime  candidates  for 
detailed  test  and  analysis  including  reliability  growth  testing,  reliability  qualification 
testing,  reliability  stress  analysis,  and  other  techiuques  to  reduce  the  reliability  risk. 

Task  209:  Effects  of  Functional  Testing.  Storage.  Handling.  Packaging. 

Transportation,  and  Maintenance 

Procedures  must  be  established,  maintained,  and  implemented  to  determine  by 
test  and  analysis;  the  effects  of  storage,  handling,  packaging,  transportation, 
maintenance  and  repeated  exposure  to  functional  testing  of  the  hardware.  The 
results  of  this  effort  are  used  to  support  long-term  failure  rate  predictions,  design 
trade-offs,  definition  of  test  conditions,  periodic  test  requirements  during  dormancy, 
packaging,  handling,  storage  or  refurbishment  plans.  These  procedures  provide 
some  assurance  that  the  items  can  successfully  tolerate  foreseeable  operational  and 
storage  influences. 

3.1.1  Reliability  Modeling  and  Prediction 

Reliability  Modeling  and  Prediction  covers  the  tasks  of  mathematically  modeling 
and  predicting  the  reliability  of  an  equipment  design  prior  to  fabrication.  Such 
modeling  and  prediction  are  essential  functions  in  evaluating  a  design.  They 
provide  a  means  to  assess  whether  a  proposed  or  actual  equipment  design  will  meet 
its  specified  reliability  requrement.  Reliability  models  and  predictions  do  not,  in 
themselves,  contribute  significantly  to  system  reliability.  The  primary  objective  of 
reliability  prediction  is  to  provide  guidance,  relative  to  the  expected  inherent 
reliability  of  a  given  design.  Reliability  predictions  are  most  useful  and  economical 
during  the  early  phases  of  a  system  design,  before  hardware  is  constructed  and 
tested. 

During  design  and  development,  predictions  serve  as  guides  by  which  design 
alternatives  can  be  evaluated  for  reliability.  Reliability  predictions  serve  many 
purposes  including;  feasibility  evaluation,  comparison  of  alternative  configurations. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


30 


CRTA-CE 


CRTA-CE 


31 


the  techniques  and  data  sources  to  be  used  in  the  formulation  of  reliability  models 
and  predictions  so  that  they  may  be  uniforndy  applied  and  interpreted. 

Four  different  reliability  modeling  and  prediction  "tasks"  are  delineated  in  MIL- 
STD-756.  Also,  nine  distinct  modeling  and  prediction  "methods"  for  accomplishing 
these  tasks  are  described  in  detail. 

There  are  two  types  of  models:  the  Basic  Reliability  Model  (Task  101)  and  the 
Mission  Reliability  Model  (Task  102).  Reliability  predictions  are  then  performed 
based  upon  these  two  models,  the  Basic  Reliability  Prediction  (Task  201)  and  the 
Mission  Reliability  Prediction  (Task  202). 

The  Basic  Reliability  Model  (Task  101)  and  its  associated  prediction  (Task  201) 
considers  all  of  the  equipment  in  the  system  while  the  Mission  Reliability  Model 
(Task  102)  and  its  associated  prediction  (Task  202)  consider  only  those  equipments 
essential  to  complete  the  mission.  Both  types  of  reliability  must  be  addressed  since 
the  mission  reliability  does  not  necessarily  give  any  indication  of  the  frequency  of 
maintenance  required  to  keep  the  system  operation^. 

3.1.1.1  Reliability  Modeling  Methods 

The  four  reliability  modeling  "methods"  delineated  in  MIL-STD-756  are: 

Method  1001:  Conventional  Probability 

The  conventional  probability  method  prepares  a  reliability  mathematical  model 
from  the  reliability  block  diagram  using  conventional  probability  relationships. 
This  method  is  the  most  commonly  used  and  is  applicable  to  both  single  function 
and  multi-function  systems. 

Method  1002:  Boolean  Truth  Table 

The  Boolean  Truth  Table  method  prepares  the  reliability  mathematical  model 
using  Boolean  algebra.  This  method  is  applicable  to  both  single  function  and  multi¬ 
function  systems  but  it  is  more  tedious  than  the  conventional  probability  method. 

Method  1003:  Logic  Diagram 

The  logic  diagram  method  develops  a  reliability  block  diagram  using  logic 
diagrams.  This  method  is  applicable  to  both  single  function  and  multi-function 
systems.  It  is  also  more  tedious  than  the  conventional  probability  method  but  is 
simpler  than  the  Boolean  truth  table  approach,  especially  in  combining  terms  to 
simplify  the  Mission  Reliability  equation. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


32 


CRTA-CE 


Method  1004:  Monte  Carlo  Simulation 

Monte  Carlo  sin\ulation  synthesizes  a  system  reliability  prediction  from  a 
reliability  block  diagram  by  means  of  random  sampling.  This  method  is  employed 
where  individual  equipment  probabilities  (or  equivalent  reliability  parameter)  are 
known  but  the  mission  reliability  model  is  too  complex  to  derive  a  general  equation 
for  solution. 

Monte  Carlo  simulation  does  not  result  in  a  general  probability  of  success 
equation  but  computes  the  system  probability  of  success  from  the  individual 
equipment  probabilities  and  the  reliability  block  diagram.  Monte  Carlo  simulation 
must  be  performed  by  a  computer  due  to  the  large  number  of  repetitive  trials  and 
calculations  required  to  obtain  a  significant  result.  Monte  Carlo  simulation  is 
applicable  to  both  single  fimction  and  multi>function  systems. 

Selection  of  a  specific  modeling  method  is  usually  up  to  the  discretion  of  the 
individual  doing  the  modeling  (whichever  is  most  comfortable)  since  all  four 
methods  should  yield  similar  results. 

3.1. 1.2  Reliability  Prediction  Methods 

The  five  reliability  prediction  methods  delineated  in  MIL-STD-756  are: 

Method  2001:  Similar  Item  Method 

This  method  utilizes  specific  experience  on  similar  items.  The  quickest  way  of 
estimating  item  reliability  is  to  compare  the  item  under  consideration  with  a  similar 
item  whose  reliability  has  previously  been  determined.  This  method  is  applicable 
for  items  undergoing  orderly  evolution.  With  this  method,  small  differences 
between  new  and  old  systems  can  easily  be  identified  and  evaluated.  In  addition, 
difficulties  encountered  in  the  old  design  are  areas  for  improvements  in  the  new 
design.  If  a  similar  item  comparison  cannot  be  made,  this  method  should  not  be 
used. 

Method  2002:  Similar  Circuit  Method 

This  method  utilizes  specific  experience  on  similar  circuits  such  as  oscillators, 
discriminator  amplifiers,  modulators,  pulse  transforming  networks,  etc.  Method 
2002  is  employed  when  a  single  circuit  is  being  considered  or  the  similar  item 
method  cannot  be  utilized.  One  rapid  way  of  estimating  circuit  reliability  is  to 
compare  the  circuits  of  the  item  under  consideration  with  similar  circuits  whose 
reliability  has  previously  been  determined.  Individual  circuit  reliabilities  can  be 
combined  into  an  item  reliability  prediction.  This  method  is  applicable  for  circuits 
undergoing  orderly  evolution.  Small  differences  between  similar  circuits  can  be 
easily  isolated  and  evaluated.  In  addition,  difficulties  encountered  in  the  old  design 
are  the  areas  for  improvements  in  the  new  design. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Ron\e,  NY  13440-6916  •  315-337-0900 


The  active  element  group  method  is  termed  a  feasibility  estimating  procedure 
because  it  is  useful  for  gross  estimates  of  a  design  in  the  concept  formulation  and 
preliminary  design  stages.  Only  an  estimate  of  the  number  of  series  elements 
required  to  perform  the  design  function  is  needed.  This  method  relates  item 
functional  complexity  (active  element  groups)  and  application  environment  to 
failure  rates  experienced  in  other  known  equipment  in  the  field.  Method  2003, 
however,  is  obsolete  and  is  no  longer  recommended. 

Method  2004:  Part  Co\mt  Method 

The  parts  count  method  is  used  in  the  preliminary  design  stage  when  the 
number  of  parts  in  each  generic  part  category  such  as  capacitors,  resistors,  etc.,  is 
reasonably  fixed  and  the  overall  design  complexity  is  not  expected  to  change 
appreciably  during  later  stages  of  development.  The  parts  count  method  assumes 
that  the  time  to  failure  of  the  parts  is  exponentially  distributed  (i.e.,  a  constant 
hazard  rate).  Part  count  failure  rate  models  for  electronic  parts  are  found  in 
Appendix  A  of  MIL-HDBK-217. 

Method  2005;  Part  Stress  Analysis  Method 

The  part  stress  analysis  method  is  used  in  the  detailed  design  stage  when  there 
are  few  or  no  assumptions  necessary  about  the  parts  used,  their  stress  derating,  their 
quality  factors,  their  operating  stresses  or  their  environment  in  order  to  determine 
part  failure  rates.  These  factors  must  be  known  or  be  capable  of  being  determined, 
based  upon  the  state  of  hardware  definition  for  which  the  part  stress  analysis 
method  is  applicable.  Where  unique  parts  are  used,  any  assumptions  regarding 
their  failure  rate  factors  should  be  identified  and  justified.  The  parts  stress  analysis 
method  is  the  most  accurate  method  of  reliability  prediction  prior  to  measurement 
of  reliability  under  actual  or  simulated  use  conditions.  The  parts  stress  analysis 
method  assumes  that  the  time-to-failure  of  the  parts  is  exponentially  distributed 
(i.e.,  a  constant  hazard  rate).  The  detailed  part  stress  failure  rate  models  are  foimd  in 
MIL-HDBK-217. 

3.1.1.3  Tailoring  Reliability  Models  and  Predictions 

Reliability  prediction  is  iterative  in  nature,  thus  tailoring  of  the  reliability 
computations  throughout  each  of  the  program  phases  is  necessary.  As  the  design 
progresses,  the  hardware  relationships  become  better  defined.  Therefore,  the 
mathematical  model  of  the  system  depicting  the  relationship  between  basic 
reliability  and  mission  reliability  can  be  refined. 

Tailoring  of  these  tasks  involves  primarily  the  selection  of  the  prediction 
method  utilized  and  the  rigor  with  which  it  is  applied.  For  relatively  simple 
systems  (i.e.,  containing  no  redundant  elements  and  without  alternate  modes  of 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440^916  •  315-337-0900 


34 


CRTA-CE 


operation  or  degraded  modes  of  operation),  the  basic  reliability  model  and  the 
mission  reliability  model  will  be  identical  and  a  single  reliability  prediction  will 
suffice. 

3.1.2  Part  Eterating 

Achieving  high  equipment  reliability  requires  that  each  part  be  properly  applied 
and  capable  of  withstanding  all  of  the  stresses  to  which  it  will  be  subjected.  Derating 
of  electronic  parts  is  a  powerful  tool  for  enhancing  equipment  reliability.  Derating  is 
defined  as: 

LIMITING  STRESSES  APPLIED  TO  A  PART  TO  LEVELS  WELL  WITHIN 

THAT  PART'S  SPECIFIED  OR  PROVEN  CAPABILITY  IN  ORDER  TO 

ENHANCE  ITS  RELIABIUTY. 

In  mechanical  design,  the  same  concept  is  referred  to  as  the  "safety  factor." 

Part  derating  is  performed  with  reference  to  the  part  vendors  "absolute 
maximum  ratings."  These  ratings  are  defined  in  the  manufacturer's  specification  or 
data  sheet  as  those  values  which  "should  not  be  exceeded  under  any  service  or  test 
condition".  There  are  various  "absolute  maximum  ratings"  for  each  part:  voltage, 
current  and  power,  etc.  Each  absolute  maximum  ratings  is  unique.  It  is  applied 
individually,  not  in  combination  with  other  absolute  maximum  ratings.  Absolute 
maximum  ratings  also  include  maximum  operating  and  storage  temperatures  (e.g., 
the  maximum  junction  or  hot  spot  temperature).  The  electrical  parameters  are 
typically  based  upon  "DC  power  conditions  measured  in  free  air  at  25®C."  Derating 
may  be  done  in  two  ways:  reducing  the  stresses  on  the  part,  or  increasing  the  part's 
strength  (i.e.,  using  a  higher  rated  part). 

Electronic  part  reliability  is  affected  by  both  electrical  and  thermal  stresses  to 
which  the  part  is  subjected.  Increased  thermal  stresses  generate  increased  junction 
temperature.  The  result  is  increased  cheihical  activity  within  the  part  as  described 
by  the  Arrhenius  Reaction  Rate  Model  and  in  an  increased  failure  rate.  Electronic 
part  reliability  is  largely  determined  by  the  thermal  stress.  MIL-HDBK-217  failure 
rate  models  show  that  part  failure  rates  vary  significantly  with  temperature.  Some 
parts  are  more  temperature-sensitive  than  others.  Significant  reduction  in  failure 
rate  can  be  achieved  by  improving  the  thermal  design  (i.e.,  reducing  the 
temperatures). 

Increasing  the  electrical  stresses  also  increases  the  failure  rate.  If  both  thermal 
stress  (i.e.  junction  temperature)  and  the  electrical  stress  are  simultaneously 
increased,  the  two  factors  are  compounded,  greatly  increasing  the  failure  rate.  This 
is  the  basic  theory  behind  the  MIL-HDBK-217  failure  rate  prediction  methodology. 

Derating  procedures  vary  from  part  type  to  part  type  and  application  to 
application.  For  example,  resistor  derating  is  accomplished  by  decreasing  the  ratio  of 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


35 


operating-power  to  rated-power.  Capacitors,  on  the  other  hand,  are  derated  by 
r^ucing  the  applied  voltage  to  a  lower-than-rated  value  while  semiconductors  are 
derated  by  reducing  their  power  dissipation  and  junction  temperature  below  their 
maximum  rating. 

Electronic  part  derating  is  performed,  as  necessary,  to  assure  that  the  equipment 
reliability  meets  its  specification.  Electronic  part  derating  curves  relate  derating 
levels  with  critical  environmental /physical  factors  and  part  parameters. 
Semiconductor  manufacturers  provide  curves  of  operating  parameters  vs. 
temperature  (maximum  and  minimum  storage  temperatures  and  maximum 
operating  junction  temperature)  and  package  thermal  resistance.  Maximum 
operating  junction  temperature  is  derated  by  reference  to  failure  rate  vs. 
temperature  data  to  achieve  desired  part  reliability. 

However,  simply  computing  the  worst-case  semiconductor  junction  temperature 
and  assuming  that  the  thermal  design  is  adequate  is  not  sufficient.  The  device  may 
function  under  such  conditions,  but  its  reliability  will  generally  be  unacceptable. 
Maximum  allowable  semiconductor  junction  temperatures  are  of  little  use  unless 
they  are  related  to  the  required  equipment  reliability.  Normally  derating  from 
published  device  ratings  is  required. 

Beyond  its  obvious  impact  upon  equipment  reliability,  maximum  junction 
temperature  derating  is  also  advisable  to  provide  an  additional  margin  for  error. 
Derating  provides  additional  tolerance  for  system  electrical  transients  and  for 
possible  non-uniform  part  heating. 

Derating  also  compensates  for  many  of  the  variables  inherent  in  any  design. 
Electronic  parts  produced  on  an  assembly  line  are  not  all  identical.  There  are  subtle 
differences  and  variations  from  one  part  to  the  next.  Proper  part  derating  helps  to 
compensate  for  these  part-to-part  variations  and  alleviate  their  impact  upon 
equipment  reliability.  For  example,  electronic  parts  with  identical  part  numbers 
may  be  purchased  from  a  variety  of  suppliers.  While  these  items  are  "electrically 
interchangeable,"  there  may  be  significant  design,  material  and  manufacturing 
differences  between  them.  Derating  helps  to  compensate  for  these  differences. 

Unless  specially  selected  premium  parts  are  specified,  parameter  deviation  from 
the  reported  mean  value  is  significant  for  many  parts.  While  design  engineers  try  to 
anticipate  the  various  electrical  and  environmental  extremes  to  which  the 
equipment  may  be  subjected,  derating  can  provide  an  additional  "margin  of  safety" 
if  there  is  a  failure  to  properly  anticipate  the  impact  of  all  of  these  variations.  Also, 
parts  and  their  associated  critical  parameters  are  not  completely  stable  over  their 
entire  life.  Proper  derating  will  help  assure  circuit  operation  in  spite  of  these  part 
parameter  changes. 

It  is  also  imperative  that  part  derating  be  cost  effective.  If  derating  is  excessively 
conservative  (e.g.,  lower  than  necessary  part  stresses  are  applied)  costs  rise  severely. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


36 


CRTA-CE 


At  optimum  derating,  a  rapid  increase  in  failure  rate  is  noted  for  a  small  increase  in 
temperature  or  stress.  There  is  usually  a  practical  nunimum  to  derating.  Below 
some  minimum  stress  level,  circuit  complexity  increases  drastically,  offsetting  any 
reliability  gain  achieved  by  further  derating.  MIL-HDBK-217  provides  data  on 
failure  rate  vs.  stress  level  for  most  types  of  electronic  parts.  This  data  is  used  to 
determine  reliability  improvement  achieved  by  derating.  For  mechanical  parts, 
unfortunately,  this  type  of  data  is  not  readily  available. 

3.1.3  Failure  Mode.  Effects  and  Criticality  Analysis 

Failure  Mode  and  Effects  Analysis  (FMEA)  is  the  first  half  of  a  reliability 
procedure  which  helps  identify  and  document  potential  failures  in  a  system  using 
specified  ground  rules.  It  determines,  by  failure  mode  analysis,  the  effect  of  each 
failure  on  system  operation  and  identifies  single  failure  points  (i.e.,  those  failures 
which  are  critical  to  mission  success).  The  Criticality  Analysis  (CA),  the  second  half 
of  the  FMECA,  ranks  each  failure  according  to  the  criticality  of  failure  effect  and  its 
probability  of  occurrence. 

In  performing  the  analysis,  each  failure  studied  is  considered  to  be  the  only 
failiire  in  the  system  (i.e.,  a  single  failure  analysis).  The  FMEA  can  be  accomplished 
without  a  CA,  but  a  CA  requires  that  critical  failure  modes  be  identified  for  items  in 
the  system.  When  the  two  are  combined,  the  total  process  is  called  a  Failure  Mode, 
Effects  and  Criticality  Analysis  (FMECA).  This  is  the  essence  of  Task  204  "Failure 
Mode,  Effects,  and  Criticality  Analysis"  in  the  systems  reliability  management 
specification  MIL-STD-785.  Detailed  procedures  for  performing  both  the  FMEA  and 
the  CA  are  found  in  MIL-STD-1629.  Failure  mode  distribution  data  for  many 
different  types  of  parts  may  be  found  in  RAC  publication  FMD-91. 

FMEA  utilizes  inductive  logic  in  a  ■'‘lx)ttom  up"  approach.  It  begins  at  the  lowest 
level  of  the  system  hierarchy,  (i.e.,  component  part),  and  using  a  Imowledge  of  the 
failure  modes  of  each  part,  traces  it  up  through  the  system  hierarchy  to  determine 
the  effect  that  each  failure  mode  will  have  on  system  performance. 

This  approach  contrasts  with  a  Fault  Tree  Analysis  (FTA)  which  utilizes 
deductive  logic  in  a  "top  down"  approach.  In  FTA,  a  system  failure  is  assumed  and 
traced  down  through  the  system  hierarchy  to  determine  the  event,  or  series  of 
events,  that  could  cause  such  a  failure. 

A  FMEA  provides: 

1)  A  method  of  selecting  a  design  with  a  high  probability  of  operational 
success 

2)  A  documented  uniform  method  of  assessing  failure  modes  and  their 
effects  on  the  operational  success 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


37 


3)  Early  visibility  of  possible  system  interface  problems 

4)  A  list  of  possible  failures  which  may  be  ranked  according  to  the 
seriousness  of  their  effect  and  the  probability  of  their  occurrence 

5)  Identification  of  single  failure  points  critical  to  mission  success 

6)  Early  criteria  for  test  planning 

7)  Quantitative,  uniformly  formatted  input  data  to  the  reliability  assessment, 
and  safety  models 

8)  A  basis  for  design  and  location  of  performance  monitoring  and  fault 
sensing  devices  and  built-in  test  (BIT) 

9)  A  tool  to  aid  in  evaluation  of  proposed  design,  operational,  or  procedural 
changes  and  their  impact  on  mission  success. 

Detailed  knowledge  of  the  parts  used  in  each  "black  box"  which  make  up  the 
system  is  necessary.  Thus,  a  FMEA  starts  at  the  "black  box"  level  and  is  expanded  as 
more  detailed  knowledge  becomes  available. 

The  principles  of  FMEA  are  straightforward  and  easy  to  grasp  but  the  practice  of 
FMEA  is  tedious  and  time  consuming  but  it  is  very  amenable  to  automat^  analysis 
tools.  The  bookkeeping  aspects,  namely,  the  tracking  of  each  item  and  its  place  in 
the  hierarchy,  are  very  important  because  mistakes  are  easy  to  make. 

The  FMEA  provides  a  documented  analysis  for  all  critical  components  of  a 
system.  However,  definitions  of  failure  at  the  system,  subsystem,  and  sometimes 
even  part  level  must  first  be  established.  An  FMEA  begins  in  parallel  with  the  start 
of  detailed  design  and  is  updated  periodically  throughout  the  development  program 
as  dictated  by  design  changes. 

To  perform  a  FMEA,  a  symbolic  logic  block  diagram  (i.e.,  a  reliability  block 
diagram)  is  first  constructed.  This  diagram  is  developed  for  the  entire  system  to 
indicate  the  functional  dependencies  among  the  elements  of  the  system  and  to 
define  and  identify  its  subsystems.  It  is  not  a  functional  schematic  or  a  signal  flow 
diagram,  but  a  model  for  use  in  the  early  analysis  to  point  out  weaknesses. 

Then  a  failure  effect  analysis  is  performed  for  each  block  in  the  symbolic  logic 
block  diagram,  indicating  the  effect  of  item  failure  on  the  performance  of  the  next 
higher  level  on  the  block  diagram.  This  analysis,  takes  into  account  failure  modes 
such  as:  open  circuits,  short  circuits,  dielectric  breakdowns,  wearout  and  part- 
parcimeter  shifts.  Finally,  a  list  of  critical  items  is  compiled. 

A  FMECA  is  effective  in  determining  many  of  the  significant  details  which  may 
not  otherwise  be  determined  by  separate,  individual  studies.  Like  other  design 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


38 


CRTA-CE 


tools,  the  FMECA  has  limitations.  It  is  nothing  more  than  a  logical  way  of 
established  "bookkeeping"  which  can  be  systematically  analyzed  for  design 
reliability. 

3.1.4  Fault  Tree  Analysis 

Fault  Tree  Analysis  (FT A)  is  a  graphical  method  of  risk  analysis  used  to  identify 
critical  failure  modes  within  a  system  or  equipment.  Utilizing  a  pictorial  approach, 
it  identifies  critical  faults  in  constituent  low^*  level  elements  and  determines  which 
failure  modes  at  one  level  produce  critical  failures  at  a  higher  level  in  the  system. 
The  technique  is  particularly  useful  in  safety  analysis  where  the  block  diagraming 
discipline  helps  to  prevent  oversights. 

As  mentioned  in  Section  3.1.3,  the  FMEA  is  considered  to  be  a  'lx>ttom  up' 
analysis,  whereas  FTA  is  a  "top  down"  analysis.  FMEAs  and  FTAs  are 
complimentary  and  basically  equivalent  methods  of  risk  analysis.  The  choice 
between  the  two  methods  depends  on  the  nature  of  the  risk  to  be  evaluated.  There 
are  important  differences,  however,  between  the  two  techniques.  A  major 
advantage  of  the  FTA  is  its  ability  to  address  human  errors  which  the  FMEA  can 
not. 

FTA  is  based  upon  deductive  reasoning  (i.e.,  reasoning  from  the  general  to  the 
specific).  A  specific  fault  is  postulated  and  then  attempts  are  made  to  find  out  what 
modes  of  system  or  component  behavior  contribute  to  it.  This  is  often  referred  to  as 
the  "Sherlock  Holmes"  approach.  Holmes,  faced  with  given  evidence,  had  to 
reconstruct  the  events  leading  up  to  the  crime.  All  successful  detectives  and  fault 
tree  analysts  must  be  experts  in  deductive  reasoning. 

FTA  focuses  on  one  particular  imdesired  event  at  a  time  determining  all  possible 
causes  of  that  event.  The  imdesired  event  is  the  top  event  in  that  specific  fault  tree. 
It  is  generally  a  catastrophic  failure  rather  than  a  degraded  failure.  Careful 
definition  of  the  top  event  is  extremely  important  to  the  success  of  the  analysis.  If 
the  top  event  is  too  general,  the  analysis  b^omes  unmanageable;  if  it  is  too  specific, 
the  analysis  does  not  provide  a  sufficiently  broad  view  of  the  system. 

The  deductive  nature  of  the  FTA  requires  greater  skill  on  the  part  of  the  analyst 
than  a  FMEA.  A  FTA  is  particularly  useful  in  studying  highly  complex  functional 
paths  in  which  the  outcome  of  one  or  more  combinations  of  noncritical  events  may 
produce  an  undesirable  critical  event.  Typical  FTA  candidates  are  fimctional  paths 
or  interfaces  which  could  have  a  critical  impact  upon  safety,  either  of  the  general 
public  or  operating  and  maintenance  personnel,  or  the  probability  of  producing  an 
error-free  command  in  an  automated  system  with  a  multiplicity  of  redundant, 
overlapping  outputs. 

The  fault  tree  provides  a  concise  and  orderly  description  of  the  various 
combinations  of  possible  occurrences  within  the  system  which  can  result  in  a 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St,  Rome,  NY  13440^916  •  315-337-0900 


CRTA-CE 


39 


predetermined  critical  output  event.  Performance  of  an  FT  A  requires  considerable 
engineering  time  and  the  quality  of  the  analysis  is  only  as  good  as  the  validity  of 
input  data  and  the  accuracy  of  the  fault  tree  logic. 

A  FTA  can  be  applied  in  the  early  design  effort,  and  then  progressively  refined 
and  updated  as  the  design  evolves  to  track  the  probability  of  an  undesired  event. 
Initial  fault  tree  diagrams  might  represent  functional  blocks  (e.g.,  units,  equipments, 
etc.),  becoming  more  definitive  at  lower  levels  as  the  design  matures  in  the  form  of 
specific  parts  and  materials. 

3.1.4.1  Fault  Tree  Construction 

The  fault  tree  is  a  graphic  model  of  the  various  parallel  and  sequential 
combinations  of  faults  that  will  result  in  the  occurrence  of  the  pre-defined 
undesired  event.  Faults  can  be  events  associated  with  component  hardware 
failures,  human  errors,  or  any  other  pertinent  events  which  can  lead  to  the 
undesired  event.  A  fault  tree  depicts  the  logical  interrelationships  of  basic  events 
that  lead  to  the  undesired  event  (i.e.,  the  top  event  of  the  fault  tree). 

A  fault  tree  does  not  address  all  possible  system  failures  or  all  possible  causes  of 
system  failure.  It  focuses  on  one  top  event,  that  corresponds  to  a  particular  system 
failure  mode.  Thus  it  contains  only  those  faults  that  contribute  to  that  top  event. 
The  faults  are  not  exhaustive;  they  cover  only  the  most  credible  faults  as  assessed  by 
the  analyst. 

A  fault  tree  may  be  viewed  as  a  complex  of  logic  gates  which  serve  to  permit  or 
inhibit  the  passage  of  a  fault  up  the  tree.  The  gates  show  the  relationships  of  events 
needed  for  the  occurrence  of  the  "higher"  event.  The  higher  event  is  the  output  of 
that  gate,  the  lower  events  are  the  inputs.  The  gate  symbol  denotes  the  type  of 
relationship  between  the  input  events  and  the  output  event. 

The  symbols  used  in  a  fault  tree  are  illustrated  in  Figure  7.  They  show  basic 
functional  relationships  in  the  block  diagrams  and  are  used  to  build  the  equivalent 
fault  tree  diagrams  depicting  successful  operation. 

Fault  tree  construction  requires  a  functional  block  diagram  which  clearly 
indicates  the  paths  in  which  the  critical  failure  mode  to  be  circumvented  or 
eliminated  is  located.  Furthermore,  it  defines  the  critical  failure  mode  in  terms  of 
the  system-level  malfimction  or  symptom  to  be  avoided. 

The  fault  tree  logic  diagram  is  then  constructed  relating  all  possible  sequences  of 
events  whose  occurrence  would  produce  the  undesired  events  identified  in  the 
functional  block  diagram.  The  fault  tree  depicts  the  paths  that  lead  to  each 
succeeding  higher  level  in  the  fimctional  configuration. 

Fault  trees  must  consider  the  time  sequencing  of  events  and  functions  during 
the  specified  mission  profile.  This  is  done  for  each  functional  path  or  interface 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


40 


CRTA-CE 


within  the  reliability  model.  Often  the  operational  sequence  involves  one  or  more 
changes  in  hardware  configuration,  functional  paths,  critical  interfaces,  or 
application  stresses.  If  so,  it  may  be  necessary  to  construct  a  separate  fault  tree  for 
each  operating  mode,  function,  or  mission  event  in  the  mission  sequence. 

Construction  of  the  tree  itself  is  the  most  difficult  portion  of  the  task.  The 
accuracy  of  the  fault  tree  is  entirely  dependent  upon  the  skill  of  the  analyst.  Unlike 
the  parts  list  used  in  the  FMEA,  there  is  no  means  of  checking  to  make  sure  that  a 
significant  potential  failure  contribution  has  not  been  overlooked.  Due  to  the 
intuitive  nature  of  fault  tree  construction,  computer  automation  is  of  limited  help. 
Fault  tree  construction  requires  the  expertise  of  senior  engineering  personnel  highly 
skilled  in  the  art. 

3.1.4.2  Qualitative  Evaluations  -  Cut  Sets 

“Cut  Sets"  are  commonly  used  in  the  analysis  of  fault  trees.  A  “Cut  Set"  is  any 
basic  event  or  combination  of  basic  events  whose  occurrence  will  cause  the  top 
event  to  occur.  Finding  the  cut  sets  for  a  given  fault  tree  is  a  simple  but  repetitious 
task.  There  are  just  two  simple  rules  to  follow: 

1)  An  "AND"  gate  increases  the  size  of  a  cut  set . 

2)  An  "OR"  gate  inaeases  the  number  of  cut  sets. 

The  initial  cut  sets  that  the  analyst  derives,  may  not  represent  the  simplest  fault 
tree  configuration.  Therefore,  the  next  step  is  to  eliminate  redundant  items  and 
reduce  these  cut  sets  to  the  "minimum  cut  set". 

A  minimal  cut  set  is  the  smallest  combination  of  events  which  will  cause  the  top 
event  to  occur.  A  minimal  cut  set  is  the  combination  of  primary  events  sufficient  to 
cause  the  top  event.  This  combination  is  the  "smallest"  combination  in  that  all  the 
failures  must  occur  for  the  top  event  to  occur.  If  any  one  of  the  failures  in  the  cut  set 
does  not  occur,  then  the  top  event  will  not  occur  (at  least  not  by  this  combination). 

The  minimum  cut  set  gives  all  the  unique  combination  of  component  failures 
that  can  cause  system  failure.  Qualitative  importances  give  a  "qualitative  ranking" 
for  each  component  with  regard  to  its  contribution  to  system  failure.  Common 
cause  evaluations  identify  those  minimum  cut  sets  consisting  of  multiple 
components  which,  because  of  a  common  susceptibility,  can  all  potentially  fail  due 
to  a  single  failure  cause.  For  qualitative  evaluations,  the  minimum  cut  sets  are 
obtained  using  Boolean  reduction  of  the  fault  tree.  The  minimal  cut  sets  are  used 
not  only  in  the  subsequent  qualitative  evaluations  but  in  all  of  the  quantitative 
evaluations  as  well. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


41 


A 

hr 


An  Event  or  Fault  resulting  from  the 
combination  of  more  basic  faults  which 
can  be  further  developed. 


A  Basic  Fault  (usually  a  specific  circuit, 
part  or  human  error)  which  can  be 
assigned  a  probability  of  occurrence. 


A  fault  not  developed  further  because  of 
lack  of  information,  time,  or  value  in 
doing  so. 


And  Gate  -  The  Output  event  occurs 
only  when  all  the  inputs  events  are 
present. 


6 

Output 


Or  Gate  -  The  output  occurs  when  one 
or  more  of  the  input  events  are  present. 


Inhibit  Gate  -  The  input  event  produces 
the  output  event  if  indicated  condition 
is  satisfied. 


Transfer  symbol  -  used  to  signify  a 
connection  between  two  or  more 
sections  of  the  fault  tree. 


nCURE  7 ;  FAULT  TREE  SYMBOLS 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


42 


CRTA-CE 


All  fault  trees  consist  of  a  finite  number  of  minimal  cut  sets,  unique  for  that  top 
event.  The  one  component  minimal  cut  sets,  if  there  are  any,  represent  those  single 
failures  which  will  cause  the  top  event  to  occur.  Two-component  minimal  cut  sets 
represent  the  double  failures  which  together  will  cause  the  top  event  to  occur.  For 
any  minimal  cut  set,  all  "n"  components  in  the  cut  set  must  fail  in  order  for  the  top 
event  to  occur. 

3.1. 4.3  Qualitative  Importances 

Minimal  cut  sets  can  give  some  idea  of  failure  importance  by  ordering  the 
minimal  cut  sets  according  to  their  size.  Single-component  minimal  cut  sets  (if  any) 
are  listed  first,  then  double-component  minimal  cut  sets,  then  triple,  etc.  The 
failure  probabilities  associated  with  the  minimal  cut  set  decrease  by  orders  of 
magnitude  as  the  size  of  the  cut  set  increases,  thus  ranking  according  to  size  gives  a 
gross  indication  of  the  importance  of  that  specific  minimal  cut  set.  For  example,  if 
individual  component  failure  probabilities  are  on  the  order  of  10,  a  single¬ 
component  cut  set  will  be  on  the  order  of  10,  and  a  double-component  cut  set  10,  a 
triple  10,  etc.  Component  failure  probabilities  are  generally  different  and  depend  on 
maintenance  or  testing  intervals,  downtimes,  etc.;  therefore,  ranking  of  minimal  cut 
sets  according  to  size  gives  only  a  general  indication  of  their  importance. 

3. 1.4.4  Common  Cause  Susceptibilities 

Primary  failures  do  not  necessarily  have  to  be  independent.  A  single,  more  basic 
cause  may  result  in  multiple  failures  which  cause  the  system  to  fail.  Multiple 
failures  which  can  cause  the  system  to  fail  and  which  originate  from  a  common 
cause  are  termed  "common  cause"  (or  common  mode)  failures. 

In  evaluating  a  fault  tree,  we  do  not  know  which  failures  will  be  common  cause 
failures;  however,  we  can  indicate  the  susceptibility  that  component  failures  may 
have  to  a  common  cause.  By  definition,  the  top  event  occurs  (i.e.,  system  failure)  if 
all  the  primary  failures  in  a  minimal  cut  set  occur.  Therefore,  we  are  interested  only 
in  those  common  causes  which  can  trigger  all  of  the  primary  failures  in  a  minimal 
cut  set.  A  cause  which  does  not  trigger  all  the  primary  failures  in  a  minimal  cut  set 
will  not  by  itself  cause  system  failure. 

To  identify  minimal  cut  sets  susceptible  to  common  cause  failures  we  must  first 
define  common  cause  categories  (e.g.,  general  areas  that  can  cause  component 
dependence).  Examples  include;  a  common  manufacturer,  environment,  energy 
sources  (not  usually  explicitly  shown  in  the  fault  tree),  and  human  operator. 

3.1.4.5  Quantitative  Evaluations 

Qnce  the  minimal  cut  sets  are  defined,  probability  evaluations  can  be  performed 
for  quantitative  results.  Quantitative  evaluations  are  most  easily  performed  in  a 
sequential  manner,  first  determining  the  component  failure  probabilities,  then  the 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440^916  •  315-337-0900 


CRTA-CE 


43 


minimal  cut  set  probabilities,  and  finally  the  system  (i.e.,  top  event)  probability. 
Quantitative  measures  of  the  importance  of  each  cut  set  and  of  each  component  can 
also  be  obtained  in  this  process. 

Quantitative  results  require  additional  models  and  data  beyond  that  required  for 
the  qualitative  evaluations.  First,  a  failure  probability  model  must  be  developed. 
This  mathematical  model  of  the  fault  tree  is  used  to  compute  the  probability  of 
critical  event  occurrence  based  on  the  failure  modes  identified  in  the  fault  tree 
diagram. 

Then  fault  and/or  failure  data  is  collected.  Failure  rates  for  most  standard 
electronic  and  electromechanical  parts  are  available  from  MIL-HDBK-217.  When 
necessary,  failure  rate  values  for  mechanical  parts  may  also  be  obtained  from  sources 
such  as.  Nonelectronic  Parts  Reliability  Data  1991,  (NPRD-91),  published  by  the 
Reliability  Analysis  Center. 

Quantitative  results  include:  (a)  numerical  probability  of  occurrence  (b) 
quantitative  importances  of  components  and  minimal  cut  sets,  and  (c)  sensitivity 
and  relative  probability  evaluation.  The  quantitative  importances  give  the 
percentage  of  time  that  system  failure  is  caused  by  a  particular  minimal  cut  set  or  a 
particular  component  failure.  Sensitivity  and  relative  probability  evaluations 
determine  the  effects  of  changing  maintenance  and  checkout  times,  implementing 
design  modifications,  and  changing  component  reliabilities.  Sensitivity  evaluations 
also  include  error  analyses  to  determine  the  effects  of  uncertainties  in  failure  rate 
data. 

Failure  rate  data  for  new  parts  and  recently  developed  parts  may  not  always  be 
available.  In  such  cases,  it  may  be  necessary  to  draw  upon  vendor  data  or  to  perform 
special  studies  to  obtain  such  data.  Other  data  needed  may  include  failure  mode 
distributions  for  critical  parts,  operating  time,  human  error  rates,  etc. 

Failure  probabilities  of  the  identified  failure  modes  are  determined  (i.e.,  the 
probability  of  occurrence)  for  each  event  or  failure  mode  identified  in  the  model. 
Safety  parameters  can  also  be  calculated  using  the  previously  derived  models  and 
failure  data.  Failure  mode  distributions  are  presented  for  many  part  types  in  RAC 
publication.  Failure  Mode /Mechanism  Distributions,  (FMD-91). 

In  the  absence  of  complete,  validated  failure-rate  and  failure  mode  data  for  all 
inputs,  a  preliminary  fault  tree  analysis  can  be  performed  using  conservative 
estimates  of  failure  rates  for  the  critical  failure  modes.  This  preliminary  analysis 
will  identify  those  input  values  which  have  little  effect,  as  well  as  those  having  a 
critical  effect  on  system  performance.  The  critical  inputs  can  then  be  investigated 
later,  in  greater  depth  if  necessary.  Evaluation  of  the  fault  tree  model  may  reveal 
that  conservatively  estimated  values  are  sufficient  to  satisfy  the  performance  goal. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


44 


CRTA-CE 


3.1.4.6  Additional  Reference  Source 

While  there  is  no  military  standard  or  handbook  addressing  FT  A,  the  RAC  has 
recently  published  the  "Fault  Tree  Analysis  Application  Guide"  to  assist  the 
potential  user  in  evaluating  FTA  requirements,  procedural  methods,  analytical 
techniques,  and  other  considerations  applicable  to  performing  a  FTA.  Guidelines 
are  given  to  construct  and  evaluate  a  fault  tree.  Management  considerations  are 
also  addressed.  A  tutorial  approach  is  taken  in  the  presentation  of  three  detailed 
FTA  examples. 

3.1.5  Sneak  Circuit  Analysis 

Sneak  Circuit  Analysis  (SCA),  Task  205  in  MIL-STD-785,  is  used  to  identify  latent 
conditions  which  may  cause  unwanted  functions  or  inhibit  desired  functions 
within  the  system  or  equipment.  A  sneak  circuit  is  defined  as  an  unexpected  path  or 
logic  flow  within  a  system  which  can,  under  certain  conditions,  initiate  an 
undesired  function  or  inhibit  a  desired  function.  The  sneak  path  may  be  due  to 
hardware,  software,  operator  actions,  or  combinations  of  these  elements.  Sneak 
circuits  are  not  the  result  of  hardware  failure  but  they  are  latent  conditions, 
inadvertently  designed  into  the  equipment,  which  can  cause  it  to  malfunction 
under  specific  operating  conditions. 

Types  of  sneak  circuits  include: 

1)  Sneak  Paths  allow  current  or  energy  to  flow  along  unsuspected  paths  or  in 
unintended  directions.  A  Sneak  Enable  Path  initiates  an  undesired 
function  or  result  under  certain  conditions,  but  not  under  all  conditions. 
A  Sneak  Inhibit  Path  prevents  a  desired  function  or  result  under  certain 
conditions,  but  not  all  conditions. 

2)  Sneak  Timing  causes  a  function  to  be  inhibited  or  to  occur  at  an 
unexpected  or  undesired  time  or  in  a  conflicting  sequence. 

3)  Sneak  Indications  are  ambiguous  or  false  displays  of  system  operating 
conditions  which  may  result  in  undesired  actions  being  taken  by  an 
operator. 

4)  Sneak  Labels  are  incorrectly  or  imprecisely  labeled  system  functions  (e.g., 
system  inputs,  controls,  displays,  buses,  etc.)  which  may  mislead  a  user, 
causing  incorrect  operation  of  the  system. 

SCA  is  a  unique  analysis  tool.  It  must  be  performed  on  the  actual  "as-built" 
configuration.  Functional,  integrated,  and  system  level  schematics  do  not  always 
properly  represent  the  actual  hardware  construction.  Detailed  manufacturing  and 
installation  schematics  must  be  used.  Analysis  from  detail  schematics  is  extremely 
difficult  because  so  many  details  exist  in  these  drawings  that  it  becomes  easy  to  miss 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


45 


something.  However,  these  schematics  contain  the  basic  data  that  must  be  used  if 
analytical  results  are  to  be  based  on  true  electrical  continuity. 

3.1.5.1  Topological  Pattern  Identification 

The  initial  task  to  perform  SCA  is  to  convert  the  detailed  manufacturing 
schematics  and  wire  list  information  into  a  Net-List.  A  net-list  is  a  computer  model 
that  represents  the  interconnected  nodes  that  make  up  each  circuit.  Output  plots  of 
node  sets  and  other  reports  are  then  generated,  enabling  the  analyst  to  sketch 
accurate  topological  trees.  The  reports  provide  complete  indexing  of  every 
component  and  data  point  to  its  associated  tree.  This  feature  is  used  in  cross¬ 
indexing  functionally  related  or  interdependent  trees,  incorporating  changes,  and 
troubleshooting. 

Next,  the  analyst  identifies  the  basic  topological  pattern.  As  illustrated  in  Figure 
8,  there  are  five  basic  patterns:  (1)  single  line  (no-node)  topograph,  (2)  groimd  dome, 
(3)  power  dome,  (4)  combination  dome,  and  (5)  the  "H"  pattern.  One  of  these 
patterns  or  several  in  combination  will  characterize  the  circuitry  in  any  given 
network  tree. 

Although  a  given  circuit  may  appear  more  complex,  closer  inspection  reveals 
that  the  circuit  is  actually  composed  of  these  basic  patterns  in  combination.  The 
sneak  circuit  analyst  examines  each  node  in  the  network  tree,  identifies  the 
topographical  pattern  or  patterns  incorporating  the  node  and  applies  the  basic  clues 
that  have  been  found  to  typify  sneak  circuits  involving  that  particular  pattern. 

3.1.5.2  Clue  Application 

Associated  with  each  topological  pattern  is  a  specific  list  of  clues  to  help  identify 
sneak  circuit  conditions.  The  clue  list  provides  a  guide  to  possible  design  flaws  that 
can  occur  in  a  circuit  containing  that  topological  configuration.  The  clue  list  consists 
of  a  series  of  questions  that  the  analyst  must  answer  regarding  the  circuit  to  ensure 
that  it  is  sneak  free. 

The  clue  list  for  each  successive  topograph,  becomes  longer  and  more  complex. 
The  clue  list  for  the  "H"  pattern  includes  over  100  clues.  This  pattern,  because  of  its 
complexity,  is  associated  with  more  sneak  circuits  than  any  of  the  other  patterns. 
The  possibility  of  current  reversal  in  the  "H"  crossbar  is  the  most  commonly  used 
clue  associated  with  "H"  pattern  sneak  circuits. 

3.1.5.3  Recent  SCA  Developments 

Although  a  powerful  analytical  tool,  SCA  is  expensive  and  performed  late  in  the 
design  cycle  after  all  of  the  design  documentation  is  virtually  completed. 
Subsequent  design  changes  resulting  from  the  SCA  are  difficult  and  costly  to 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


46 


CRTA-CE 


SINGLE  UNE  GROUND  DOME  POWER  DOME 


COMBINATION  DOME 


HGURES:  BASIC  TOPOGRAPHS 

Reliability  Analysis  Center  (RAC)  •  201  Mill  St,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


47 


I 


implement.  Therefore,  SCA  is  usually  limited  to  items  and  functions  critical  to 
safety  or  mission  success  or  where  other  analytical  techniques  are  ineffective. 

This  situation,  however,  has  begun  to  change.  Recent  Air  Force  publications 
[References  1,  2,  and  3]  shed  considerable  new  light  on  SCA  techniques.  They 
identify  "sneak  circuit  design  rules,  functional  guidelines  and  device  guidelines" 
that  can  be  addressed  much  earlier  in  the  design  phase.  This  new  approach  helps  to 
significantly  demystify  SCA  techniques  and  enables  the  SCA  to  become  a  much 
more  cost  effective  reliability  design  tool. 

This  new  approach  is  not  intended  to  replace  the  historic  SCA  approach  but 
rather  to  supplement  it,  to  enable  design  engineers  to  be  aware  of  conditions  which 
may  lead  to  sneak  circuits  and  thus  avoid  them  early  in  the  design  effort. 

3.1.6  Finite  Element  Analysis 

Finite  Element  Analysis  (FEA)  is  a  computerized  analysis  technique  used  to 
predict  an  items  mechanical  response  when  the  object  is  subjected  to  some  internal 
or  external  loading  or  environmental  disturbance.  FEAs  allow  physical  deflections, 
material  stresses  and  material  temperatures  of  complex  objects  to  be  predicted  before 
the  objects  are  fabricated  and  tested.  A  survey  of  historic  applications  of  finite 
element  analysis  in  the  areas  of  structural  mechanics,  heat  transfer,  and  fatigue  and 
fracture  mechanics  to  the  prediction  of  life  and/or  reliability  of  electronic  devices 
and  printed  circuit  boards  by  academia,  DoD  and  industry  is  found  in  [Reference  4]. 

There  are  many  significant,  and  potentially  fatal,  failure  mechanisms  active  in 
electronic  equipment.  Some  of  these  are  chemical  in  nature  (e.g.,  corrosion);  others 
are  mechanical  in  nature  (e.g.,  fracture  or  fatigue)  and  some  of  them  are  a 
combination  of  both  chemical  and  mechanical  (e.g.,  stress  corrosion).  The  root 
causes  of  most  equipment  failure  fall  into  one  of  these  categories.  Different 
modeling  techniques  have  been  devised  to  deal  with  each  of  these  failure  effects. 
Engineers  can  use  a  wide  variety  of  modeling  techniques  to  investigate  the  thermal 
and  structural  properties  of  equipments  operating  in  many  different  environments. 

Mechanical  phenomena  typically  studied  by  engineers  can  be  described  by  the 
laws  of  physics  in  terms  of  algebraic,  differential,  or  integral  equations  relating 
various  quantities.  While  most  problems  are  not  unduly  difficult,  their  solution  by 
exact  methods  of  analysis  is  a  formidable  task.  Two  basic  methods  of  modeling  and 
analysis  are  generally  described  as  either  "closed  form"  or  "numerical  analysis 
techniques."  Closed-form  solutions  are  an  easy  and  efficient  form  of  "hand" 
calculation.  Numerical  methods  (i.e.,  finite  difference,  finite  element,  boundary 
element,  and  statistical  energy)  enable  engineers  to  analyze  structures  too  complex 
for  closed  form  solutions.  The  most  common  of  these  numerical  techniques  is  the 
finite  element  analysis. 


I 

1 

i 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


48 


CRTA-CE 


Although  this  technique  can  successfully  predict  mechanical  performance,  the 
need  also  exists  to  extrapolate  FEA  results  to  a  predicted  life,  time-to-failure  or 
probability  of  failure.  The  latest  developments  in  FEA  technology  relate  to  the 
interfacing  of  the  results  of  FEA  to  reliability,  or  life  prediction  methodologies. 

FEA  simulation  cannot  address  all  possible  failure  mechanisms  and  improper 
fabrication  procedures.  However,  design  evaluations  and  reliability  assessments  of 
electronic  equipment  from  a  heat  transfer,  mechanical  integrity  and  strength  of 
materials  perspective  is  achievable  given  the  proper  geography,  material,  boundary 
conditions,  loading,  and  strength  information. 

In  a  finite  element  analysis,  mechanical  systems  and  structures  are  represented 
by  a  discrete  grid  of  node  points  interconnected  by  various  types  of  structural 
elements  forming  a  finite  element.  The  complete  solution  is  then  obtained  by 
combining  the  individual  elements  into  an  idealized  structure  for  which  the 
conditions  of  equilibrium  and  compatibility  are  satisfied  at  the  nodes  of  the 
elements.  In  finite  element  analysis,  the  assumed  displacement  fields  within  a 
finite  element  are  assumed,  by  the  use  of  energy  theorems,  to  derive  a  stiffness 
matrix  relating  the  nodal  forces  to  the  nodal  displacements  of  the  element.  As  the 
equilibrium  conditions  are  applied  at  each  node,  a  set  of  simultaneous  equations  can 
be  assembled  and  subsequently  solved  for  all  the  displacements  in  the  structure. 

All  of  the  exact  material  properties  needed  as  inputs  to  finite  element  analysis 
programs  may  not  be  available.  Therefore,  in  these  cases,  approximations  are 
necessary  (e.g.,  properties  for  representative  materials  might  he  used  instead  of 
actual  materials).  For  example,  materials  sized  at  the  dimensions  of  electronic 
devices  do  not  necessarily  behave  as  materials  sized  at  bulk  level  dimensions. 

Mechanical  failure  mechanisms  which  may  require  attention  in  the  reliability 
analysis  of  electronic  equipment  include:  deformation,  fatigue,  creep,  st  > 
relaxation,  ductile  and  brittle  fractures,  and  buckling. 

One  group  of  mechanical  failure  mechanisms  that  are  extremely  important  .. 
electronic  equipment  reliability  and  which  lends  itself  to  finite  element  analysis  is 
that  of  solder  joint  failures.  This  is  especially  compelling  in  an  aircraft 
environment  where  the  equipment  is  subjected  to  more  severe  vibration  and 
temperature  cycling  than  that  experienced  in  a  normal  ground  environment.  Two 
important  life  limiting  failure  modes  of  solder  connections  are  those  of  thermal 
fatigue  and  creep. 

3.1.6.1  Fatigue  Life  Prediction 

To  determine  the  fatigue  life  of  a  structure,  a  finite  element  analysis  is  first  used 
to  compute  the  deformation  which  occurs  during  vibration  and/or  temperature 
changes.  Deformation  results  in  stresses  which  can  exceed  the  strength  of  the 
material  and  cause  a  short  fatigue  life.  The  fatigue  life  of  structures  subjected  to 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


49 


bending  or  axial  loads  is  dictated  by  the  principal  stress.  Once  the  appropriate  stress 
information  has  been  obtained  from  the  finite  element  analysis,  the  number  of 
stress  cycles  which  can  be  sustained  by  a  material  can  be  determined  with  a  fatigue 
analysis. 

3.1.6.2  Creep  and  Stress  Relaxation 

Under  a  constant  force,  materials  such  as  solder  deform  with  time,  or  creep. 
Under  a  constant  displacement,  the  stress  in  solder  relaxes  with  time.  Stress 
relaxation  can  occur  as  follows.  When  electrical  power  is  applied,  the  components 
and  the  printed  circuit  board  heat  up  and  begin  to  expand.  With  time,  the 
temperature  will  reach  a  maximum.  At  this  point,  the  stress  induced  by  the  thermal 
coefficient  of  expansion  mismatch  between  the  various  elements  will  be  at  a 
maximum,  as  will  the  strain.  If  power  remains  on,  the  strain  will  remain  constant, 
but  the  stress  will  begin  to  relax.  This  relaxation  can  take  place  quite  rapidly.  Creep 
can  thus  occur  when  a  constant  load  is  confined  by  a  material,  such  as  solder, 
eventually  resulting  in  failure. 

3.1.7  Failure  Reporting.  Analysis  and  Corrective  Action  Systems  (FRACAS) 

A  disciplined,  aggressive  closed  loop  Failure  Reporting,  Analysis  and  Corrective 
Action  System  (FRACAS)  is  essential  in  achieving  satisfactory  reliability  and 
maintainability  of  complex  industrial,  commercial  and  military  systems,  equipment, 
and  associated  software. 

FRACAS  is  a  closed-loop  management  tool  to  identify  and  correct  deficiencies  in 
equipment  and  software  and  thus  prevent  further  reoccurrence  of  these  deficiencies. 
It  is  based  upon  systematic  reporting  and  analysis  of  equipment  failures  and 
software  faults  during  design,  development,  manufacturing,  inspection  and  test. 
FRACAS  provides  management  visibility  and  control  for  reliability  and 
maintainability  improvements  by  timely  and  disciplined  utilization  of  failure  and 
maintenance  data  to  generate  and  implement  effective  corrective  actions. 

A  closed-loop  FRACAS  assures  that:  1)  failures  and  faults  are  formally  reported, 
2)  that  analysis  is  performed  to  the  extent  that  the  failure  cause  is  understood,  and  3) 
that  positive  corrective  actions  are  identified,  implemented,  and  verified  to  prevent 
further  recurrence  of  the  failure  and  to  simplify  or  reduce  the  maintenance  tasks. 
An  effective  closed-loop  FRACAS  requires  that  information  obtained  diuing  failure 
analysis  be  disseminated  to  all  decision  making  engineers  and  managers  on  the 
program.  Table  4  shows  some  of  the  specific  objectives  of  FRACAS. 

As  shown  in  Figure  9,  a  typical  FRACAS  a>nsists  of  fourteen  steps: 

(1)  A  failure  is  observed  during  some  operation  or  test. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


(2)  The  observed  failure  is  fully  documented,  including,  as  a  minimum: 

(a)  Location  of  failure 

(b)  Date  and  time  of  failure 

(c)  Part  number  of  the  failed  system/equipment 

(d)  Serial  number  of  the  failed  system/equipment 

(e)  Model  number  of  the  failed  system/equipment 

(f)  Observed  failure  symptoms 

(g)  Name  of  the  individual  who  observed  the  failure 

(h)  All  significant  conditions  which  existed  at  the  time  of  the  observed 
failure 

(3)  Failure  verification  (i.e.,  reconfirmation  of  the  validity  of  the  initial 
failure  observation). 

(4)  Failure  isolation  (i.e.,  localization  of  the  failure  to  the  lowest  replaceable 
defective  item  within  the  system/equipment). 

(5)  Replacement  of  the  suspected  defective  item  with  a  known  good  item  and 
retest  of  the  system/equipment  to  provide  assurance  that  the  replacement 
item  does  in  fact  correct  the  originally  reported  failure. 

(6)  Retest  of  the  suspect  item  at  the  system /equipment  level  or  at  a  lower 
level  to  verify  that  the  suspect  item  is  indeed  defective. 

(7)  Failure  analysis  of  the  defective  item  to  establish  the  internal  failure 
mechanism,  or  mechanisms,  responsible  for  the  observed  failure  or 
failure  mode. 

(8)  A  search  of  existing  data  to  uncover  similar  failure  occurrences  in  this  or 
related  items  (i.e.,  establishing  the  historical  perspective  of  the  observed 
failure  mode/failure  mechanism). 

(9)  Utilizing  the  data  derived  from  steps  7  and  8,  determine  the  antecedent  or 
root  cause  of  the  observed  failure. 

(10)  Determine  the  necessary  corrective  action;  design  change,  process  change, 
procedure  change,  etc.  to  prevent  future  failure  recurrence.  The  decision 
regarding  the  appropriate  corrective  action  should  be  made  by  an 
interdisciplinary  design  team. 

(11)  Incorporation  of  the  recommended  corrective  action  into  the  original  test 
system/equipment. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


51 


TABLE  4:  OBJECTIVES  OF  A  FRACAS  PROGRAM 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


52 


CRTA-CE 


HGURE9:  CLOSED  LOOP  FAILURE  REPORTING 
AND  CORRECTIVE  ACTION  SYSTEM 


(12)  Retest  of  the  system/equipment  with  the  proposed  corrective  action 
modification  incorporated. 

(13)  After  suitable  retest  and  review  of  all  applicable  data,  establish  the 
effectiveness  of  the  proposed  corrective  action. 

(14)  After  the  effectiveness  of  the  proposed  corrective  action  has  been  proven, 
the  corrective  action  is  then  incorporated  into  the  deliverable 
systems  /  equipment. 

A  single  FRACAS  system  cannot  be  mandated  for  all  programs.  There  are 
pragmatic  limits  to  the  resources  in  time,  money  and  engineering  manpower  to 
expend  on  an  analysis  of  a  particularly  complex  failure  or  the  implementation  of 
preferred  corrective  action.  Therefore,  FRACAS  must  be  tailored  to  the  unique 
limits  of  a  given  program.  These  limits  are  determined  by  the  criticality 
classification  of  the  system  and/or  equipment  as  well  as  available  technology  and 
resources. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


53 


Primary  cost  drivers  for  FRACAS  are:  the  extent  and  the  depth  of  failure 
reporting  (applicable  to  FRACAS),  and  the  depth  of  the  failure  analysis  performed. 
"Extent  of  failure  reporting"  is  determined  by  the  number  of  different  inspection 
and  test  functions  to  be  included  in  the  FRACAS  requirement.  Decisions  regarding 
the  extent  of  failure  reporting  are  based  upon  the  potential  benefit  to  the  failure 
recurrence  control  effort  considering  existing  program  constraints.  "Depth  of  failure 
reporting"  is  determined  by  the  lowest  level  of  assembly  to  be  included  in  the  failure 
reporting  requirement.  "Depth  of  failure  analysis"  refers  to  the  extent  to  which 
failure  analysis  is  performed  to  establish  the  root  cause  of  the  failure. 

Acquisitions  of  certain  critical  (expensive  and  complex)  systems  and  equipments 
may  also  require  a  separate  Failure  Review  Board  (FRB)  to  be  established  to  oversee 
the  effective  functioning  of  the  FRACAS.  A  FRB  provides  increased  management 
visibility  and  control  of  the  FRACAS. 

In  contrast  to  the  FRACAS,  the  FRB  usually  consists  of  higher  level 
management  personnel  who  possess  the  authority  necessary  to  set  priorities, 
establish  schedules,  assign  specific  responsibility  and  authorize  adequate  funding  to 
ensure  the  implementation  of  any  necessary  changes  when  dealing  with  complex 
and  difficult  problems. 

3.1.7.1  DoD  FRACAS  Requirements 

FRACAS  is  an  explicit  reliability  task  delineated  in  most  major  DoD  system  and 
equipment  procurements.  This  requirement  is  documented  in  MIL-STD-785, 
"Reliability  Program  for  Systems  and  Equipment  Development  and  Production;" 
and  specifically  in  Task  104,  "Failure  Reporting,  Analysis  and  Corrective  Action 
Systems;"  and  Task  105,  "Failure  Review  Board."  Detailed  requirements  for  the 
performance  of  FRACAS  are  contained  in  MIL-STD-2155,  "Failure  Reporting, 
Analysis  and  Corrective  Action  System." 

Additional  details  regarding  FRACAS  may  also  be  found  in  MIL-HDBK-338, 
"Electronic  Reliability  Design  Handbook,"  Volume  I,  Section  8,  "Reliability  Data 
Collection  and  Analysis,  Demonstration  and  Growth,"  and  Volume  II,  Section  9, 
"Failure  Reporting  and  Analysis." 

3.1.7.2  FRACAS  in  Industry  Applications 

Regardless  of  how  the  reliability  function  is  organized  and  how  many  other 
reliability  tasks  performed,  a  formal  failure  reporting,  analysis,  and  corrective  action 
system  is  strongly  recommended.  This  applies  whether  the  company  is  military, 
space,  industrial,  or  commercially  oriented.  From  an  information  point  of  , 
from  an  economics  point  of  view,  and  from  a  management  point  of  view,  fa* 'are 
reporting,  analysis,  and  corrective  action  is  vitally  important  to  virtually  any 
program. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


54 


CRTA-CE 


The  International  Electrotechnical  Commission  Publication  (lEC)  Publication 
#362  "Guide  for  the  Collection  of  Reliability,  Availability,  and  Maintainability  Data 
from  Field  Performance  of  Electronic  Items,"  and  the  American  Society  for  Quality 
Control  (ASQC)  Booklet,  "A  Reliability  Guide  to  Failure  Reporting,  Analysis,  and 
Corrective  Action  Systems,"  specifically  document  FRACAS  criterion  in  a  non¬ 
military  application  environment. 

3.2  Maintainability  Program 

As  with  reliability,  for  most  DoD  related  programs,  the  maintainability  program 
requirements  are  derived  from  a  single  military  standard,  MIL-STD-470, 
"Maintainability  Program  For  Systems  and  Equipment."  These  tasks  are  described 
in  this  standard  with  guidelines  for  tailoring  maintainability  tasks  to  the  needs  of  a 
specific  program.  Table  5  illustrates  all  MIL-STD-470  maintainability  program  tasks. 

In  some  cases,  however,  one  must  turn  to  additional  more  detailed  standards 
and  handbooks  to  derive  sufficient  information  to  actually  complete  the  applicable 
task.  Some  of  these  detailed  standards  and  handbooks  are  specifically  referenced  in 
MIL-STD-470,  others  are  not. 

3.2.1  Maintainability  Prediction 

Maintainability  prediction  facilitates  an  early  assessment  of  a  given  design.  It 
enables  decisions  to  be  made  concerning  the  compatibility  of  a  proposed  design  with 
specified  requirements,  and  helps  identify  design  alternatives.  It  is  also  done  to 
estimate  the  various  maintainability  parameters  and  requirements  of  the 
system/subsystem/equipment  and  to  determine  whether  the  required 
maintainability  can  be  achieved  with  the  proposed  design  within  the  prescribed 
support  and  personnel /skill  requirements. 

Initial  predictions  are  performed  early  to  determine  the  feasibility  of  the 
maintainability  requirement.  They  are  continually  updated  during  design, 
development  and  production  phases  to  determine  and  assure  maintainability 
attainability.  Maintainability  predictions  are  important  in  providing  engineers  and 
management  with  quantitative  maintainability  information  for  day-to-day 
activities. 

The  maintainability  predictions  highlight  those  areas  of  poor  maintainability 
which  justify  product  improvement,  modification,  or  design  change.  They  also 
permit  the  user  to  make  an  early  assessment  of  whether  the  predicted  downtime, 
the  quality  and  quantity  of  maintenance  personnel,  special  tools  and  test  equipment 
are  adequate  and  consistent  with  the  needs  of  system  operational  requirements  and 
maintenance  scenario. 

MIL-HDBK-472,  "Maintainability  Prediction"  facilitates  the  design,  development, 
and  production  of  equipment  and  systems  requiring  a  high  order  of  maintainability 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


55 


TABLE  5:  MIL-STD-470  APPUCATION  MATRIX 


PROGRAM  PHASE 

Task 

TASK 

TITLE 

TASK 

TYPE 

Concept 

Valid 

FSED 

PROD 

Feasibility 

inCE 

Framework 

101 

Maintainability  Program 

Plan 

MGT 

G(3) 

G 

G(3)(l) 

X 

102 

Monitor/Control  of 
Subcontractors  and  Vendors 

MGT 

S 

G 

G 

X 

103 

Program  Reviews 

MGT 

G(3) 

G 

G 

X 

104 

Data  Collection,  Analysis 
and  Corrective  Action  System 

ENG 

S 

G 

G 

X 

105 

Failure  Review  Board  (FRB) 

MCTT 

NA 

S(2) 

G 

G 

X 

201 

Maintainability  Modeling 

ENG 

S 

S(4) 

G 

C 

X 

202 

Maintainability  Allocations 

ACC 

S 

S(4) 

G 

C 

X 

203 

Maintainability  Predictions 

ACC 

NA 

S{2) 

G(2) 

C 

X 

204 

Failure  Modes,  and  Effects 
Analysis  (FMEA) 
Maintainability  Information 

ENG 

NA 

S(2)(3) 

(4) 

G(l)(2) 

GC(l) 

(2) 

X 

205 

Maintainability  Analysis 

ENG 

S(3) 

G(3) 

G(l) 

C(l) 

X 

206 

Maintainability  Design 
Criteria 

ENG 

NA 

S(3) 

G 

C 

X 

207 

Preparation  of  Inputs  to 
Detailed  Maintenance  Plan 
and  Logistics  Support 

Analysis  (LSA) 

ACC 

NA 

S(2)(3) 

G(2) 

C(2) 

X 

301 

Maintainability 
Demonstration  (MD) 

ACC 

NA 

S(2) 

G(2) 

C(2) 

X 

Task  Type 

Proeram  Phase 

ACC 

Malntainabtltty  Accounting 

S 

Selective^  Applicable 

ENG 

Maintainability  Engineering 

G 

Generally  Applicable 

MGT 

Management 

GC 

NA 

Generally  Applicable  to  Design  Changes  Only 

Not  Applicable 

0)  Requires  considerable  interpreution  of  intent  to  be  cost  effective 

(2)  MIL-STD-470  is  not  the  primary  Inr^kinentitlon  document.  Other  MIL-STOs  or  Statement  of  Work  requirements  must  be  Included  to  define  or  rescind  the 
requirements.  For  example  MIL'STD471  must  be  Imposed  to  describe  maintainability  demonstration  details  and  methods. 

(3)  Appropriate  for  those  task  elements  suitable  to  deflnttlon  during  phase. 

(4)  Depends  on  physical  complexity  of  the  system  unit  being  procured,  its  packaging  and  its  overall  nutlntenance  policy. 


by  assisting  managers  and  design  engineers  with  various  maintainability  prediction 
procedures.  Through  the  use  of  this  handbook,  maintainability  engineers,  working 
on  a  new  system  development  effort,  can  select  and  utilize  the  most  applicable 
maintainability  prediction  procedure  for  a  specific  equipment  or  system. 

The  maintainability  characteristics  of  systems  and  equipment  can  seldom  be 
addressed  by  a  single  maintainability  parameter  as  can  the  reliability  characteristics. 
Therefore  MIL-HDBK-472  contains  five  distinct  maintainability  prediction  methods 
each  of  which  addresses  different  maintainability  parameters.  It  also  has  four 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


56 


CRTA-CE 


appendices  which  give  repair  time  estimates  and  supporting  mathematics  and  tables 
of  distribution  values. 

All  five  maintainability  prediction  methods  are  dependent  upon  at  least  two 
parameters:  a)  the  failure  rates  of  the  components  at  the  specific  assembly  level  of 
interest  (obtained  from  the  reliability  prediction),  and  b)  the  repair  time  required  at 
the  maintenance  level  involved. 

The  five  maintainability  prediction  methods  described  in  detail  in  MIL-STD-472 
are: 

Method  I  Flight-line  Maintenance  of  Airborne  Electronic  and  Electro¬ 
mechanical  Systems  Involving  Modular  Replacement 

Method  n  Shipboard  and  Shore  Electronic  Equipment  and  Systems  and 
Some  Mechanical  Systems 

Method  III  Mean  and  Maximum  Active  Corrective  Maintenance  Down¬ 
time  and  Preventive  Maintenance  Downtime  for  Air  Force 
Ground  Electronic  Systems  and  Equipment 

Method  IV  Mean  and/or  Corrective  and  Preventive  Maintenance  Down¬ 
time  for  Systems  and  Equipments 

Method  V  Maintainability  Parameters  of  Avionics,  Ground  and  Shipboard 
Electronics  at  the  Organizational,  Intermediate  and  Depot  Levels 
of  Maintenance 

Maintainability  prediction  procedures  I  and  HI  are  applicable  solely  to  electronic 
systems  and  equipment.  Procedures  n  and  IV  can  be  used  for  all  types  of  systems 
and  equipment®  In  applying  Procedure  n  to  non-electronic  equipments,  however, 
the  appropriate  task  times  must  be  estimated.  Procedure  V  can  be  used  to  predict 
n  maintainability  parameters  of  avionics,  ground  and  shipboard  electronics  at  the 
organizational,  intermediate  and  depot  levels  of  maintenance. 

Tailoring  of  a  maintainability  prediction  involves  the  planning  and  selection  of 
specific  maintainability  parameters  and  the  determination  of  the  maintainability 
prediction  method  to  be  employed.  Guidance  for  tailoring  the  requirements  of 
MIL-HDBK-472  (i.e.,  the  selection  of  specific  maintainability  parameters  and  the 
prediction  method  to  be  employed)  are  found  in  Appendix  A  of  MIL-STD-470. 

3.3  Reliability  and  Maintainability  References 

There  are  a  variety  of  reliability  and  maintainability  reference  sources  both  in  the 
International  Electrotechnical  Commission  (lEC)  specifications,  published  literature 
and  in  DoD  specifications,  standards  and  handbooks.  A  more  complete 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


57 


compendium  of  the  most  germane  DoD  documents  dealing  with  reliability, 
maintainability  and  related  topics  may  be  found  in  the  RAC  publication  PRIM-92, 
"A  Primer  for  DoD  Reliability,  Maintainability,  Safety  and  Logistics  Standards." 

3.3.1  DoD  Specifications.  Standards,  and  Handbooks 

Specific  DoD  specifications,  standards,  and  handbooks  reference  within  this 
document  include  the  following; 

MIL-STD-470  Maintainability  Program  Requirements  Fo^  Systems  and 

Equipments 

MIL-STD-472  Maintainability  Prediction 

MIL-STD-721  Definitions  of  Terms  for  Reliability  and  Maintainability 

MIL-STD-756  Reliability  Modeling  and  Prediction 

MIL-STD-781  Reliability  Testing  for  Engineering  Development, 

Qualification,  and  Production 

MIL-STD-785  Reliability  Program  for  Systems  and  Equipment 

Development  and  Production 

MIL-STD-965  Parts  Control  Program 

MIL-STD-1629  Procedures  for  Performing  a  Failure  Modes,  Effects,  and 

Criticality  Analysis 

MIL-STD-2155  Failure  Reporting,  Analysis  and  Corrective  Action  System 

MIL-STD-2165  Testability  Program  for  Systems  and  Equipment 

MIL-HDBK-217  Reliability  Prediction  of  Electronic  Equipment 

MIL-HDBK-338  Electronic  Reliability  Design  Handbook 

MIL-HDBK-781  Reliability  Test  Methods,  Plans,  and  Environments  for 

Engineering  Development,  Qualification,  and  Production 

These  dociunents  are  all  available  from: 


Standardization  Documents  Order  Desk,  Building  4D 
700  Robbins  Avenue 
Philadelphia,  PA  19111-5094 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


Parts  Application  and  Reliability  Information  Manual  for  Navy  Electronic 
Equipment,  TE-OOO-AB-GTP-010,  September,  1985 

Derating  Application  of  Parts  for  ESD  Systems  Development,  ESD-TR-85-148,  AD- 
A153-299 

Eskin,  D.J.,  et  al..  Reliability  Derating  Procedures,  RADC-TR-84-254,  AD- A1 53-268 
Part  Derating  Guidelines,  AFSC  Pamphlet  800-27, 1983 

Brummet,  S.L.,  et  al..  Reliability  Parts  Derating  Guidelines,  RADC-TR-82-177,  AD- 
A1 20-367 

ASQC  Booklet,  "A  Reliability  Guide  to  Failure  Reporting,  Analysis,  and  Corrective 
Action  Systems,"  (1977) 

lEC  Publication  #  362,  "Guide  for  the  Collection  of  Reliability,  Availability,  and 
Maintainability  Data  from  Field  Performance  of  Electronic  Items,"  (1971) 

RADC  Part  Derating  Guide  Sliderule 

Nuemann.  G.,  Barthlenghi,  G.,  et  al.,  'Testability/ Diagnostic  Design  Encyclopedia," 
RADC-TR-90-239 

"Failure  Mode /Mechanism  Distributions,"  FMD-91,  Reliability  Analysis  Center 

"Nonelectronic  Parts  Reliability  Data  1991,"  NPRD-91,  Reliability  Analysis 
Center 

3.3.3  References 

[1]  Miller,  J.,  "Sneak  Circuit  Analysis  for  the  Common  Man",  RADC-TR-89-223 

[2]  "Integration  of  Sneak  Circuit  Analysis  vdth  Design,"  RAEXI!-TR-90-109 

[3]  "Automated  Sneak  Circuit  Analysis  Technique  (SCAT)" 

[4]  Followell,  D.A.,  et  al,  (McDonnell  Aircraft  Company),  "Computer  Aided 
Assessment  of  Reliability  Using  Finite  Element  Methods,"  RL-TR-91-155 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


SECTION  4 


PRODUCTION  CONSIDERATIONS 


CRTA-CE 


61 


4.0  PRODUCTION  CONSIDERATIONS 

The  recent  gulf  war  vividly  illustrated  the  critical  role  of  electronics  relative  to 
modem  weapons  systems  and  our  dependence  upon  the  ability  to  produce  these 
increasingly  complex  electronic  assemblies  economically  and  with  the  prerequisite 
level  of  reliability. 

Within  DoD  the  primary  specification  dealing  with  producibility  is  MIL-STD-727, 
"Design  Guidance  for  Producibility."  Unfortunately,  since  MIL-STD-727  was 
published  radical  changes  have  occurred  in  the  way  electronic  equipment  is 
designed,  developed  and  manufactured.  Computer-Aided  Engineering  (CAE)  or 
Computer-Aided-Design  (CAD)  and  Computer-Aided-Manufacturing  (CAM)  have 
become  the  norm  and  Computer-Aided  Acquisition  and  Logistic  Support  (CALS)  is 
a  requirement  in  most  new  DoD  contracts.  Nevertheless,  MIL-STD-727  still  offers  a 
wealth  of  information  in  many  other  areas  regarding  design  for  producibility. 

4.1  Producibility  Engineering 

Producibility  considerations  can  impact  cost,  schedule,  risk,  maintainability, 
supportability  and  conceivably  even  the  performance  of  an  electronic  system. 
Hence,  producibility  is  an  important  concern  of  the  CE  process.  Producibility  may  be 
defined  as  the  combined  effect  of  those  elements  or  "characteristics  of  the  design" 
and  those  elements  or  "characteristics  of  its  production  planning,"  which  enable  the 
item  to  be  produced,  inspected  and  tested  in  the  quantity  required. 

4.1.1  Specific  Characteristics  of  the  Design 

"Specific  Characteristics  of  the  Design"  refers  to  the  fundamental  design 
elements  that  describe  form,  fit,  and  function  as  they  affect  producibility.  They 
include: 

Specified  Materials 

Simplicity  of  Design 

Flexibility  in  Production  Alternatives 

Tolerance  Requirements 

Clarity  and  Simplicity  of  the  Technical  Data  Package 

Specified  Materials 

Mechanical,  physical  and  chemical  properties  usually  constitute  the  primary 
decision  criteria  for  selecting  a  material  to  satisfy  the  requirements  of  a  design 
objective.  These  properties  may  facilitate  or  limit  the  selection  of  a  manufacturing 
process  because  of  their  interrelationship  with  the  factors  of  formability, 
machinability,  joining,  and  heat  or  surface  treatment.  A  design  specifying  only  one 
material  is  constrained  to  the  manufacturing  process  compatibility  with  that 
material.  The  design  should  allow  for  as  many  alternate  materials  as  possible  to 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


62 


CRTA-CE 


broaden  the  number  of  potential  manufacturing  processes  and  to  allow  for  the 
substitution  of  non-scarce  or  nonstrategic  materials. 

Simplicity  of  Design 

A  complex  approach  to  satisfying  the  design  objective  can  result  in  extreme  cost 
increases.  Typically,  such  a  design  may  exceed  the  fundamental  requirements, 
thereby  adding  weight,  increasing  the  cost  to  manufacture,  and  raising  the  cost  of 
reliability,  availability,  and  maintainability.  It  is  very  likely  that  a  complex  design 
will  require  additional  cost  and  delivery  time  because  of  increased  manufacturing 
and  assembly  cost. 

Flexibility  in  Production  Alternatives 

Only  in  rare  instances  will  just  one  material  or  manufacturing  process  satisfy  the 
requirements  of  the  design  objective.  More  frequently,  any  one  of  several  materials 
or  processes  will  result  in  an  acceptable  product.  The  identification  of  alternative 
materials  and  processes  will  greatly  enhance  producibility  by  anticipating  bottlenecks 
caused  by  a  lack  of  material  or  process  availability.  Rardy  should  a  design  specify  a 
manufacturing  process.  However,  indirectly  there  are  many  ways  for  this  to  occur. 
Materials,  tolerances,  draft  lines  (in  castings),  relief  angles  (in  forgings),  and  bend 
radii  all  have  a  direct  impact  on  the  selection  of  a  manufacturing  process.  These  are 
all  factors  of  significant  importance  to  producibility  and  should  receive  explicit 
attention  during  the  design  process  by  manufacturing  engineering. 

Tolerance  Requirements 

The  specification  of  unnecessarily  tight  tolerances  and  surface  roughness  has  a 
very  detrimental  effect  on  producibility.  As  tolerances  and  surface  roughness 
become  tighter,  more  specialized  and  expensive  manufacturing  operations  are 
required.  The  intensity  of  the  labor  content  of  manufacturing  processes  rises  as  the 
tightness  of  tolerances  and  surface  roughness  requirements  increase.  These  should 
be  specified  only  to  the  minimum  quality  level  absolutely  essential  to  the  design 
objective. 

Clarity  and  Simplicity  of  the  Technical  Data  Package 

Reliability  of  the  information  conveyed  by  the  Technical  Data  Package  is  of  vital 
importance  to  the  successful  production  of  the  design  objective.  Unclear  or  vague 
design  information  can  be  as  detrimental  to  producibility  as  inaccurate  information. 

4.1.2  Characteristics  of  Production  Planning 

"Characteristics  of  Production  Planning"  implies  the  total  assessment  of  all 
available  resources  to  accomplish  the  production  requirements  for  a  given  design. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


63 


These  include: 

Production  Rate  and  Quantity 

Special  Tooling  Requirements 

Manpower  Facilities 

Availability  of  Materials 

Production  or  Inspection  Quantity  Required 

Production  Rate  and  Quantity 

Planned  production  rates  and  quantities  are  the  decision  criteria  for  the 
establishment  and  sizing  of  secondary  facilities  for  subassembly  and  final  assembly. 
Errors  in  judgment  can  have  a  detrimental  effect  that  can  result  in  extremely  high 
losses  of  time  and  money. 

Special  Tooling  Requirements 

Special  purpose  tools  are  those  required  to  adapt  a  general  purpose  machine  to  a 
special  purpose  requirement.  They  are  frequently  required  in  support  of  high-rate 
production  and  may  occasionally  be  required  in  low-rate  production  also.  Generally, 
the  quality  and  cost  of  the  tooling  are  in  direct  proportion  to  the  production  rate. 
Failure  to  plan  for  tooling  requirements  can  idle  an  entire  facility  and  have 
disastrous  effects  on  produdbility. 

Manpower 

The  availability  of  any  unique  labor  skills  is  vitally  important  to  any  planned 
production. 

Facilities 


The  availability  of  unique  facilities  such  as  a  five-axis  numerical  control 
machine,  when  they  are  the  only  manufacturing  facilities  capable  of  producing  the 
component,  is  vital  to  the  produdbility  of  the  component. 

Availability  of  Materials 

This  is  an  obvious  critical  element  to  the  successful  production  of  any 
component  or  product.  The  time  phasing  of  material  deliveries  to  coincide  with  the 
production  schedule  is  a  producibility-determining  element.  Good  produdbility 
planning  should  assure  that  material  is  not  critical  or  geographically  sensitive 
without  also  specifying  an  appropriate  alternate  material.  Material  Requirements 
Planning  (MRP)  and  "Just-In-Time"  are  two  modern  methods  for  addressing  this 
concern. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


64 


CRTA-CE 


Production  or  Inspection  Quantity  Required 

High-rate  production  and  inspection  carry  with  them  complete  sets  of  criteria 
that  are  quite  different  than  those  of  low-rate  production  and  inspection.  However, 
they  both  share  the  common  design  element  interrelationships  of  form,  fit  and 
function,  material  selection,  and  manufacturing  process  selection. 

A  design  planned  for  high-rate  production  must  be  configured,  dimensioned, 
and  toleranced  in  a  manner  consistent  with  the  capabilities  of  high-rate  production 
processes.  Not  all  materials  are  compatible  with  high-rate  production  processes; 
consequently,  care  must  be  exercised  to  assure  that  the  material  selected  is 
compatible  with  both  high-rate  production  processes  and  the  properties  required  by 
the  design  objective. 

The  ability  to  amortize  production  cost  in  high-rate  production  over  a  large 
number  of  parts  provides  many  opportunities  for  producibility  improvements. 
Low-rate  production  does  not  usually  offer  the  same  opportunities.  However,  the 
cost  savings  per  improvement  are  usually  greater  in  low-rate  production  due  to  its 
inherent  labor  intensive  nature. 

4.2  Electronic  Producibility  Considerations 

Radical  changes  have  occurred  in  the  last  decade  in  the  design,  development  and 
manufacture  of  electronic  equipment.  Computer  Aided  Engineering  (CAE),  Design 
(CAD)  and  Manufacturing  (CAM)  now  play  a  significant  role  in  the  production  of 
electronic  equipment. 

These  changes  have  had  a  profound  impact  upon  electronic  equipment 
manufacturing  science  and  upon  the  related  producibility  concerns.  For  example, 
MIL-STD-1840  (see  Section  6)  establishes  the  requirements  for  the  automated 
interchange  of  technical  information.  Thus,  the  engineering  drawings  and 
specifications  and  other  documentation  which  have  historically  been  utilized  in  the 
manufacturing  process  are  now  being  replaced  with  electronic  workstations.  The 
necessary  technical  data  is  now  transmitted  electronically,  in  digital  form,  from  the 
designer  to  the  manufacturing  facility.  With  the  advent  of  these  digital  databases 
and  the  real  time  transmission  of  data,  the  need  for  hard  copy  documentation  is 
greatly  diminished. 


Whole  Wafer  Holographic  Inspection  techniques,  the  use  of  Very  High  Speed 
Integrated  Circuit  Hardware  Description  Language  (VHDL)  and  high  density 
electronic  packaging  concepts  such  as  Flip-Chip  processes  and  surface  mounted 
components  replacing  through-hole  connections  are  just  some  of  the  new 
manufacturing  concepts  that  significantly  impact  electronic  hardware  producibility. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  N 


-6916  •  315-337-0900 


CRTA-CE 


65 


Other  recent  technological  changes  in  electronic  state-of-the-art  include: 

1)  The  release  of  MIL-H-38510,  for  hybrid  microcircuits,  and  MIL-I-38535,  for 
monolithic  microcircuits.  These  new  specifications  utilize  a  Qualified 
Manufacturing  List  (QML)  approach,  in  contrast  to  the  historic  Qualified 
Part  List  (QPL).  This  change  was  essential  to  deal  with  Very  High  Speed 
Integrated  Circuits  (VHSIC)  devices.  Application  Specific  Integrated 
Circuits  (ASICs)  and  other  modem  high  complexity  microcircuit  devices. 

2)  The  acceptance  and  use  of  Gallium  Arsenide  (GaAs),  Microwave 
Monolithic  Integrated  Circuits  (MMIC)  and  GaAs  digital  devices  in 
military  hardware. 

3)  Significant  technological  improvements  in  plastic  encapsulated  packaging 
of  microcircuit  devices  and  subsequent  acceptance  for  use  in  ground 
benign  and  ground  fixed  military  environments. 

Modem  production  facilities  and  especially  those  in  the  electronics  industry  use 
a  number  of  sophisticated  analytical  techniques  such  as:  Statistical  Process  Control 
(SPC),  Quality  Function  Deployment  (QFD),  Design  of  Experiments  (DOE), 
Manufacturing  Process  Improvement  (MPI)  and  Variability  Reduction  Program 
(VRP).  These  techniques  pioneered  by  and/or  adapted  by  organizations  such  as: 
USAF  Manufacturing  Technology,  Wright-Patterson  AFB,  OH;  the  Navy  Electronics 
Manufacturing  Productivity  Facility  [Reference  1]  in  Indianapolis,  IN  and  the 
Manufacturing  Technology  Information  Analysis  Center  (MTIAC)  [Reference  2]  in 
Chicago,  IL  allow  the  control  and  optimization  of  the  manufacturing  process  to  a 
degree  previously  unobtainable.  Also  flexible  manufacturing  allows  the  economical 
production  of  small  quantities  of  electronic  assemblies  without  the  customary 
accompanying  decrease  in  quality. 

4.3  Environmental  Stress  Screening 

Environmental  Stress  Screen!  -  ^SS)  is  a  procedure,  or  a  series  of  procedures, 
specifically  designed  to  ident  eak  parts,  workmanship  defects  and  other 
conformance  anomalies  so  that  y  can  be  removed  from  equipment  prior  to 
delivery.  ESS  may  be  applied  to  parts  or  components,  printed  circuit  boards, 
subassemblies,  assemblies,  or  equipment  (as  appropriate  and  cost  effective),  to 
remove  defects  which  would  otherwise  cause  failures  during  higher-level  testing  or 
early  field  operation.  ESS  is  a  part  of  the  manufacturing  process. 

Prior  to  implementation  of  any  production  screening,  a  successful  ESS  program 
requires  careful  pknning  by  design,  manufacturing  and  production  engineering.  It 
is  important  to  remember  that  different  screens  are  more  beneficial  than  others 
depending  on  the  item  being  screened  and  the  indenture  level  of  that  item. 
Additionally,  items  that  are  to  be  procured  by  vendors  or  sub-contractors  must  have 
screening  requirements  for  these  items  established  prior  to  their  procurement  as 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


66 


CRTA-CE 


screening  impacts  costs.  More  importantly,  screens  must  be  in-line  with  system 
R&M  performance  goals.  Mission  critical  systems  typicdly  require  a  more  rigorous 
screening  regime  than  non-critical  systems.  A  carefully  planned  ESS  program 
requires  inputs  from  reliability,  manufacturing,  production  and  quality  control 
engineering  to  assure  optimum  cost /performance  benefits  are  realized. 

Requirements  for  ESS  can  be  found  in:  MIL-STD-785,  "Reliability  Program  for 
Systems  and  Equipment  Development  and  Production"  specifically  Task  301 
Environmental  Stress  Screening  (ESS);  MIL-STD-781,  "Reliability  Testing  For 
Engineering  Development,  Qualification  and  Production,"  specifically  Task  401 
Environmental  Stress  Screening  (ESS);  and  MIL-HDBK-781,  "Reliability  Test 
Methods,  Plans  and  Environments  for  Engineering  Development,  Qualification  and 
Production." 

ESS  must  not  be  confused  with  Production  Reliability  Assurance  Test  (PRAT). 
ESS  employs  accelerated  environmental  stimuli,  less  expensive  test  facilities,  and  is 
recommended  for  application  to  each  and  every  production  item.  In  contrast,  PRAT 
is  essentially  a  sampling  plan  which  requires  a  realistic  simulation  of  the  life  profile, 
more  expensive  test  facilities,  and  is  used  to  measure  and  verify  the  reliability  of  a 
product  off  the  production  line. 

ESS  is  an  emerging  technology  and  there  are  various  approaches  associated  with 
the  application  of  stress  saeens.  Regardless  of  the  approach  used,  the  fundamental 
objective  of  ESS  remains  the  same  (i.e.  to  remove  latent  defects  from  the  product 
prior  to  field  delivery). 

Historically  there  have  been  two  basic  approaches  to  the  employment  of  ESS.  In 
one,  the  government  explicitly  specifies  the  screens  and  screening  parameters  to  be 
used  at  various  assembly  levels.  Failure-free  periods  are  sometimes  attached  to 
these  screens,  as  an  acceptance  requirement,  in  order  to  provide  assurance  that  the 
product  is  reasonably  free  of  defects.  This  approach  is  documented  in  MIL-STD- 
2164(EC). 

4.3.1  The  MIL-STD-2164  Approach  to  ESS 

MIL-STD-2164(EC)  establishes  procedures  and  ground  rules  for  the  selection  of 
the  proper  type  of  stress,  the  amount  of  stress,  and  the  duration  of  stress  or  stresses 
to  be  used  in  the  formulation  of  a  cost  effective  environmental  stress  screening 
program  for  a  specific  item  of  equipment.  It  defines  specific  requirements  for  ESS  of 
electronic  equipment,  including  environmental  test  conditions,  durations  of 
exposure,  procedures,  equipment  operation,  actions  taken  upon  detection  of  defects, 
and  test  documentation.  The  standard  provides  for  a  uniform  ESS  to  be  utilized  for 
effectively  disclosing  manufacturing  defects  in  electronic  equipment. 

The  process  described  is  applied  to  electronic  assemblies,  equipment  and  systems, 
in  six  broad  categories  as  distinguished  by  their  field  application: 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


67 


Category  Service/  Application 


1  Fixed  ground  equipment 

2  Mobile  ground  vehicle  equipment 

3  Shipboard  equipment 

3A  -  Sheltered 

3B  -  Exposed  to  atmospheric  environments 

4  Jet  aircraft  equipment 

5  Turbo-propeller  and  rotary-wing  aircraft  equipment 

6  Air  launched  weapons  and  assembled  extemai  stores 


Appendix  A  of  MIL-STD-2164(EC)  describes  the  approach,  ground  rules  and 
assumptions  used  to  tailor  the  requirements  of  the  specification.  Specific  goals  to 
optimize  times  for  pre-defect-free  (PDF)  and  subsequent  defect-free  (DF)  testing 
under  environmental  conditions,  and  to  define  ground  rules  and  techniques  for 
reduced  testing  and  possible  product  sampling  are  given.  Another  purpose  of  the 
appendix  is  to  present  the  background  that  led  to  the  test  times  stipulated  in  the 
main  body  of  the  standard,  and  to  define  statistical  plans  for  reduced  testing  and 
sampling  options. 

4.3.2  The  DOD-HDBK-344  Approach  to  ESS 

The  second  approach  is  to  have  the  contractor  develop  and  propose  an  ESS 
program,  subject  to  the  approval  of  the  procuring  activity,  which  is  tailored  to  that 
product.  This  approach  is  found  in  DOD-HDBK-344  (USAF),  "Environmental  Stress 
Screening  of  Electronic  Equipment"  which  provides  guidelines  for  the  contractor  to 
assist  in  the  development  and  establishment  of  an  effective  ESS  program. 


DOD-HDBK-344  is  a  complex  document  describing  nine  different  ESS  planning, 
monitoring  and  control  procedures.  It  presents  general  techniques  for  planning  and 
evaluating  Environmental  Stress  Screening  (ESS)  programs.  The  guidance 
contained  therein  departs  from  other  ESS  approaches  in  that  quantitative  methods 
are  used  to  plan  and  control  both  the  cost  and  effectiveness  of  the  ESS  program.  The 
quantitative  methods  extend  the  objective  by  focusing  on  the  defects  which  remain 
in  the  product  at  delivery  and  their  impact  on  field  reliability. 


The  handbook  is  organized  according  to  the  general  sequence  of  events  to  be 
undertaken  by  the  contractor  in  planning,  monitoring  and  controlling  a  screening 
program.  Five  detailed  procedures  are  used  to  assist  the  user  in  accomplishing  ESS 
planning  and  evaluation  activities.  The  detailed  procedures  are  as  follows: 

Procedure  A  -  Part  Fraction  Defective  -  Air  Force  Action  Plan  R&M  2000  Goals 
and  Incoming  Defect  Density 

Procedure  B  -  Screen  Selection  and  Placement 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


68 


CRTA-CE 


Procedure  C  -  Failure-Free  Acceptance  Test 

Procedure  D  -  Cost  Effectiveness  Analysis 

Procedure  E  -  Monitoring,  Evaluation  and  Control 

The  product  development  phase  is  used  to  experiment  with  stress  screens  using 
an  R&M  2000  initial  screening  regimen,  and  to  then  define  and  plan  a  cost  effective 
screening  program  for  production.  Controls  are  then  used  to  assure  that  the 
manufacturing  process  logins  with  electronic  parts  with  fraction  defective  levels 
which  are  consistent  with  R&M  2000  Goals.  After  the  screening  program  is 
implemented  in  production,  stress  screening  results  are  used  to  evaluate  the 
screening  process  to  establish  whether  program  objectives  are  being  achieved. 

Appendix  A  of  DOD-HDBK-344  contains  the  mathematical  relations  and  model 
descriptions  used  in  the  handbook.  A  review  of  Appendix  A  will  assist  the  user  in 
gaining  a  quick  understanding  of  the  rationale  and  methodology  of  the  handbook. 
Appendix  B  provides  the  rationale  used  for  establishing  the  quantitative  goals 
related  to  reliability  requirements  for  the  product.  Quantitative  objectives  for  the 
screening  program  must  be  established  early.  Appendix  C  provides  the  derivation 
of  the  Failure  Free  Acceptance  Test  (FFAT). 

Tailoring  of  ESS  involves  primarily  the  selection  of  the  screening  method 
utilized,  the  rigor  with  which  this  method  is  applied,  the  time  duration  of  the 
applied  stress  and  the  applicability  and  length  of  a  "failure  free  operation" 
requirement.  DOD-HDBK-344(USAF)  is  written  as  a  series  of  guidelines  to  assist  the 
contractor  in  the  development  and  establishment  of  a  unique  cost  effective  ESS 
program,  thus  tailoring  is  inherent  in  this  approach. 

4.3,3  Institute  of  Environmental  Science 

The  Institute  of  Environmental  Sciences  (lES)  [Reference  3]  has  been  in  the 
forefront  of  ESS  investigations  for  many  years  and  has  published  a  number  of 
pertinent  documents  in  this  field.  The  lES  has  also  been  influential  in  the 
development  and  coordination  of  a  new  DoD  tri-service-approved  guide  for  ESS 
which  is  planned  for  release  in  the  near  future. 

4.4  Produdbility  References 

Section  references  along  with  some  contemporary  potential  sources  of  electronic 
design-for-producibility  information  include: 

[1]  Electronics  Manufacturing  Productivity  Facility  (EMPF)  714  North  Senate 
Ave.,  Indianapolis,  IN  46204 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


69 


[21  Manufacturing  Technology  Information  Analysis  Center  10  West  35th 
Street,  Chicago,  Illinois  60616 

[3]  Institute  of  Environmental  Sciences,  940  East  Northwest  Highway,  Mount 
Prospect,  IL  60056,  Telephone:  (708)  255-1561 

[4]  DoD  Directive  4245.7M,  "Transition  from  Development  to  Production," 
1985 

[51  NAVSO  P-6071,  Best  Practices:  How  to  Avoid  Surprises  in  the  World's  Most 
Complicated  Technical  Process 

[6]  Priest,  J.  W.,  "Engineering  Design  for  Producibility  and  Reliability,"  Marcel 
Dekker,  Inc.,  1988 

[7]  Matisoff,  B.S.,  "Handbook  of  Electronic  Packaging  and  Design,"  Nostrand- 
Reinhold,  1982 

[8]  Bralla,  J.  G.,  "Handbook  of  Product  Design  for  Manufacturing,"  McGraw- 
Hill,  1986 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


SECTION  5 

TESTABILITY  CONSIDERATIONS 


CRTA-CE 


73 


5.0  TESTABILITY  CONSIDERATIONS 

A  properly  designed  circuit  may  be  inadequate  if  it  cannot  be  tested.  Testability  is 
the  extent  to  which  a  system  or  unit  design  supports  fault  detection  and  fault 
isolation  (FD/FI)  within  the  bounds  of  specific  time,  confidence,  complexity,  and 
cost  effectiveness  limits.  A  system  developed  using  Design  for  Testability  (DFT) 
criteria  will  provide  the  necessary  test  points  to  facilitate  the  incorporation  of  Built- 
In-Test  (BIT)  and  support  Automated /External  Test  Equipment  (ATE/ETE)  to  meet 
FD/Fl  requirements.  Testability  by  design  will  achieve  the  required  FD/FI  goals  and 
help  to  meet  operational  availability  (Ao)  within  complexity  and  cost  constraints.  A 
design  methodology  utilizing  DFT  techiuques  to  achieve  a  high  level  of  testability 
must  be  considered  early  in  the  design  phase. 

The  goal  of  testability  by  design  is  to  assure  that  all  levels  of  a  system  meet  the 
four  essential  requirements  of  Initialization,  Controllability,  Observability,  and 
Accessibility. 

Initialization  -  The  ability  to  initialize  a  system  with  external  stimuli  to  the 
operating  characteristics  of  the  system.  For  digital  systems,  this  includes  being  able 
to  disable  internal  clocks. 

Controllability  -  The  ability  to  control  system  functions  with  external  test  stimuli, 
including  clocks,  and  the  ability  to  break  up  chains  and  feedback  loops. 

Observabi’Uy  -  The  ability  to  observe  system  functions  through  adequate  test 
points  (0-100%)  using  integrated  diagnostics,  (i.e.,  BFr/ETE/ ATE /Manual  test/etc.) 

Accessibility  -  The  ability  to  have  0-100%  access  to  the  unit's  internal  part 
structures  and  partitions,  depending  on  mission  requirements  and  limited  test  point 
placement. 

The  means  by  which  DFT  is  implemented  will  require  the  ability  to  analyze  the 
above  characteristics  for  a  given  system  to  identify  where  improvements  are 
necessary  to  provide  adequate  initialization,  controllability,  observability  and 
accessibility.  The  analysis  can  take  several  forms  depending  on  the  type  of  system 
and  the  testability  requirements.  There  are  several  tools  and  methods  available  to 
the  analyst  that  will  provide  the  necessary  information  needed  to  implement  DFT 
principles.  Reference  [1]  identifies  and  describes  the  most  commonly  used  tools  and 
gives  some  guidance  on  how  they  can  be  used  alone  or  together,  as  in  many 
instances,  one  tool  or  method  may  not  sufficiently  address  all  requirements. 

5.1  Design  for  Testability  Objectives  and  Requirements 

The  goals  and  objectives  of  any  DFT  program  are  to  minimize  the  costs 
associated  with  testing  for  equipment  malfunctions  while  maximizing  system 
availability  (Ao).  More  specifically,  these  objectives  are  met  by  using  DFT 


Reliability  Analysis  Cer 'er  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


74 


CRTA-CE 


techniques  to  help  determine  where  functional  test  and  condition  monitoring  are 
needed  to  assure  Ao  requirements,  and  what  strategies  (i.e.,  best  mix  of 
BIT/ETE/ATE  etc.  and  optimum  test  performance  sequence)  are  needed  to 
maximize  malfunction  detection  and  isolation  and  decrease  test  times.  In  meeting 
DFT  objectives,  the  benefits  of  lower  Test  Program  Set  (TPS)  development  costs  and 
lower  system  life  cycle  support  costs  will  more  than  outweigh  the  cost  of 
implementation. 

One  of  the  keys  to  understanding  DFT  is  to  understand  the  basic  requirements  of 
testability.  For  DFT  to  be  successful  and  most  cost  effective,  it  must  be  implemented 
at  the  earliest  design  stages.  Early  implementation  will  help  to  guarantee  that 
adequate  testability  is  an  inherent  part  of  the  hardware  design.  Late  incorporation  of 
DFT  usually  generates  extra  costs  and  is  less  effective.  This  usually  involves  adding 
test  points  or  fault  flags  to  the  existing  design  to  compensate. 

Program  management  must  provide  for  active  representation  of  testability 
concerns  in  all  program  life  cycle  phases.  This  is  especially  true  because  of  the  lack 
of  governing  testability  standards,  procedures  or  policy.  This  means  that  testability 
goals  must  be  established  and  monitored  and  that  an  in-house  testability  program 
plan  be  developed  and  adhered  to  as  part  of  the  CE  framework.  Part  of  the  program 
plan  should  be  to  evaluate  the  testability  posture  at  the  end  of  each  development 
phase,  before  entering  the  next  acquisition  phase.  This  requires  that,  testability  be 
tracked  and  demonstrated  such  that  problems  can  be  identified  and  corrected  in  a 
timely  and  cost  effective  manner  similar  to  other  assurance  disciplines.  Reliability 
and  maintainability  engineers  need  to  work  closely  with  both  hardware  and 
software  designers  to  optimize  the  inherent  testability  of  the  design  to  reduce  the 
number  of  design  iterations  and  test  patches. 

Testability  and  DFT  techniques  should  be  applied  at  all  hardware  indenture 
levels  and  at  all  maintenance  levels  whenever  possible  or  practical.  To  decrease  test 
costs  in  production  phases,  testability  should  be  considered  in  a  bottom  up  approach. 
The  bottom  up  approach  will  help  to  facilitate  a  top  down  look  at  testing  that  is 
required  for  operation  and  maintenance.  The  various  testability  tools  can  be 
implemented  to  facilitate  a  top  down,  bottom  up  or  combined  approach  to  testability 
analysis.  It  is  important  to  remember  that  applying  DFT  at  all  levels  of  hardware 
indenture  and  maintenance  will  go  a  long  way  in  maximizing  system  availability 
while  minimizing  test  resource  consumption. 

5.2  Testability  Program  Monitoring  and  Control 

The  testability  characteristics  of  a  system  are  the  direct  result  of  the  design  of  that 
system.  Providing  desirable  supportable  features  that  yield  acceptable  operational 
readiness  and  reduced  operating  and  support  costs  can  only  result  when  sound 
engineering  design  principles  are  applied. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


75 


Although  testability  analyses  are  called  for  in  some  system  procurements,  there 
is  currently  no  common  standard,  or  handbook,  that  completely  defines  the 
methodology  or  tools  to  be  used.  MIL-STD-2165,  "Testability  Program  for  Electronic 
Systems  and  Equipment,"  is  a  good  foundation  as  a  testability  standard,  but  does  not 
adequately  address  testability  analysis  techniques  and  their  applications.  However,  it 
does  set  requirements  and  establish  guidelines  for  assessing  the  extent  to  which  a 
system  or  a  unit  supports  fault  detection  and  fault  isolation. 

Testability  program  planning  identifies  and  integrates  all  testability  design 
management  tasks  required  to  accomplish  the  testability  program  requirements.  It 
identifies  testability  design  guides,  analysis  models  and  procedures  to  be  imposed 
upon  the  design  process. 

The  testability  program  plan  is  the  controlling  document  that  presents  the 
overall  test  strategy  including:  operational  checks,  periodic  on-line  tests,  and  off-line 
test  considerations.  It  also  presents  milestones  to  ensure  that  the  final  design 
achieves  the  required  degree  of  testability.  The  plan  includes  mechanisms  for  the 
reporting  of  progress,  problems,  trade-offs,  potential  corrective  actions,  and 
enforcement  of  the  proper  use  of  testability  design  features  by  designers  and 
subcontractors. 

5.3  Testability  Design  and  Analysis 

Testability  represents  the  extent  to  which  a  system  or  a  unit  supports  fault 
detection  and  fault  isolation  in  a  confident,  timely  and  cost-effective  manner. 
System  testability  implementation  generally  includes  the  use  of  built-in-test  (BIT). 
Adequate  recognition  of  the  need  to  design  for  testability  requires  early,  systematic, 
attention  to  specific  testability  requirements,  design  approaches,  analysis  and 
measurement. 

BIT  is  defined  as  an  automated  or  semi-automated  integral  part  of  the 
operational  system.  BIT  does  not  op>erate  outside  of  the  system  environment.  In  its 
simplest  form,  BIT  verifies  the  operational  integrity  of  the  system  by  detecting 
anomalous  system  operation  and  then  assists  the  operator/ maintenance  person  in 
isolating  the  fault  to  a  specific  replaceable  assembly.  To  contrast  the  two  concepts, 
testability  is  a  necessary  system  attribute  while  BIT  is  the  implementation  of  a 
specific  design  approach. 

The  qualitative  and  quantitative  testability  requirements  depend  upon 
operational  requirements  of  the  prime  system.  They  are  based  upon  optimization  of 
the  various  testability  requirements  such  as:  BIT,  ATE  or  manual  test  for  system 
monitoring,  and  fault  detection  or  isolation.  They  also  optimize  the  mix  of 
BIT/ BITE /ETE  and  the  maintenance  shop  organization  to  satisfy  the  established 
maintenance  concept  and  the  operational  availability  requirements. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


76 


CRTA-CE 


The  qualitative  and  quantitative  testability  requirements  affect  safety,  the 
quantity  and  skills  of  the  operating  and  maintenance  personnel,  existing  logistics 
constraints,  deployment  scenarios,  environmental  conditions  and  planned 
maintenance  facilities. 

Appropriate  testability  design  concepts  are  to  be  incorporated  into  the  design  for 
each  item  in  the  system.  The  design  analysis  evaluates  and  assesses  the  system  or 
the  equipment's  inherent  (intrinsic)  testability  figure-of-merit.  This  assessment  can 
be  performed  in  accordance  with  the  procedures  described  in  Appendix  B  of  the 
MIL-STD-2165  or  as  described  in  Reference  [I].  The  design  is  then  modified  as 
necessary  to  assure  compliance  with  the  established  "Inherent  Testability  Figure-of- 
Merit"  requirement,  the  principle  numeric  of  interest  early  in  the  design  effort. 

Key  elements  include:  a)  analyzing  hardware/ software  BIT  features;  b) 
documenting  trade-offs  made  in  selecting  them;  c)  conducting  a  testability  analysis 
of  the  projected  design  units  imder  test  (UUT)  to  determine  the  extent  to  which  the 
recommended  testability  requirements  and  guidelines  provided  to  the  designers 
were  incorporated  into  the  design;  and  d)  providing  guidance  for  subsequent 
detailed  design-for-testability. 

Specific  features  must  be  incorporated  into  the  system  or  equipment  design  to 
satisfy  the  testability  performance  requirements.  Test  effectiveness  utilizing  these 
features  is  then  predicted  for  the  system  or  equipment.  Included  is  an  analysis  of  all 
critical  functions  of  the  prime  equipment  to  assure  that  they  are  exercised  by  testing 
to  the  extent  specified.  Analysis  is  also  made  of  the  test  effectiveness  of  the  BIT  and 
off-line  test.  Failure  modes  are  analyzed  to  obtain  measures  of  observability  and 
controllability.  The  two  key  elements  are,  a  hardware  failure  analysis  to  analyze  test 
effectiveness  and  a  testability  analysis  model  to  analyze  the  inherent 
observability/controllability  of  the  configuration. 

An  observability/controllability  analysis  is  performed  on  each  configuration 
item  (potential  UUT).  The  overall  testing  structure  contains  a  hierarchy  of  analyses 
representing  each  of  the  levels  of  testing. 

5.4  T  ailoring  a  T  estability  Progra  m 

A  single  testability  program  is  obviously  not  suitable  for  all  programs.  There  are 
pragmatic  limits  to  the  resources  in  time,  money  and  engineering  manpower  to 
expend  on  testability  analysis.  The  testability  program  must  be  tailored  to  the 
unique  aspects  and  limits  of  a  given  procurement  based  primarily  upon  the  phase  of 
the  program.  The  individual  tasks  themselves  must  be  tailored  based  upon  the 
program  phase.  A  given  task  will  not  always  be  carried  out  in  the  same  manner.  It 
will  vary  from  one  program  to  another  and  it  will  also  vary  within  a  given  program 
depending  upon  the  program  phase.  Appendix  A  of  MIL-STD-2165  provides 
guidance  in  the  selection  and  application  of  the  various  testability  tasks. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St..  Rome,  NY  13440-6916  •  315-337-0900 


CRTA-CE 


77 


5.5  ANSI/IEEE  Standard  1149.1  [Reference  2] 

A  recent  new  development  in  the  field  of  testability  is  the  promulgation  and 
general  industry  acceptance  of  ANSI/IEEE  Standard  1149.1,  “IEEE  Standard  Test 
Access  Port  and  Boundary-Scan  Architecture."  Boundary-Scan  is  a  built-in 
technique  for  testing  a  completed  printed-circuit  boards  -  specifically  the  digital  ICs 
and  their  interconnections.  Its  key  feature  is  the  insertion  in  every  IC  of  small 
quantities  of  logic,  called  boundary-scan  cells,  between  each  pin  and  the  chip 
circuitry  to  which  that  pin  is  normally  directly  connected. 

During  normal  operation,  data  is  passed  between  the  pins  and  logic  as  if  the 
boundary-scan  cells  were  not  there.  When  put  into  the  test  mode,  however,  they 
can  be  directed  by  a  test  program  to  pass  data  along  a  shift-register  path,  so  that  either 
the  internal  chip  logic  or  external  chip-to-chip  connections  can  be  tested.  Using  the 
Test  Access  Port  (TAP)  and  boundary-scan  techniques  it  is  practical  to  put  desired  test 
sequences  wherever  they  are  needed  making  it  possible  to  distinguish  between 
testing  the  chips  themselves  and  testing  the  connections  between  the  chips. 

ANSI/IEEE  Standard  1149.1  defines  a  number  of  “tools"  that  may  be  built  into  ICs 
themselves  to  assist  in  the  testing  of  printed-circuit  boards  and  other  assemblies,  and 
gives  details  on  how  the  tool  set  can  be  expanded  to  meet  the  needs  of  a  particular 
chip  design.  The  standard  also  defines  a  method  of  communicating  test  instructions 
and  data  from  an  external  test  processor  to  the  various  ICs  on  a  board  so  the  right 
combination  of  tools  can  be  configured  and  used  at  each  successive  stage  of  testing. 
Four  or  five  extra  pins,  over  and  above  the  normal  pins  are  all  that  is  required  to 
add  boundary-scan  capability  to  virtually  any  digital  IC  in  accordance  with  this 
standard.  The  standard  also  specifies  a  device  identification  registration  that  can  be 
included  in  a  chip  design.  In  response  to  an  identity  code  instruction,  this  32  bit 
register  loads  32  bits  of  data  that  identify  the  chip  manufacturer,  chip  type  and 
version  in  a  pre-defined  format.  This  data  can  then  be  shifted  out  of  the  circuit  for 
examination. 

A  key  goal  of  the  standard's  developers  was  that  it  should  be  extendable  to  meet  a 
particular  IC's  requirements,  provided  certain  basic  rules  are  met.  A  number  of  IC 
makers  are  already  producing  ICs  which  incorporate  boundary-scan  and  are  also 
taking  this  opportunity  to  supply  test  and  design  support  tools  specific  to  their  ICs. 

Although  the  boundary-scan  approach  is  not  new,  prior  to  the  publication  of  this 
standard  there  was  no  uniform  way  to  access  Built-In-Self-Test  (BIST)  features.  This 
need  is  becoming  more  important  especially  considering  the  recent  DoD 
requirements  for  complex  digital  systems,  which  must  guarantee  their  readiness  by 
completing  a  high-quality  self-test  within  tens  of  seconds  after  power-up. 

While  ANSI/IEEE  Standard  1149.1  focuses  on  the  chip  level,  a  second  standard  is 
also  currently  being  drafted  to  address  the  system  level.  IEEE  Standard  1149.5, 
“Module  Test  and  Maintenance  Bus"  defines  a  uniform  method  of  communicating 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


78 


CRTA-CE 


test,  maintenance,  and  other  support  information  between  a  system-level  test 
processor  and  a  module-level  controller  thus  providing  system  level-test  capability 
in  addition  to  chip-level  test. 

5.6  Testability  References 

[1]  "RADC  Testability  Notebook,"  RAIX!-TR-189,  June  1982,  Section  II,  Task 
Reference  Number  V4B 

[21  ANSI/IEEE  Standard  1149.1,  'IEEE  Standard  Test  Access  Port  and  Boundary- 
Scan  Architecture" 

[3]  MIL-STD-2165  Testability  Progrtim  for  Electronic  Systems  and  Equipments 

[4]  Unkle,  R.,  "Testability  Design  and  Assessment  Tools,"  CRTA-TEST, 
Reliability  Analysis  Center,  December  1991 

[5]  Maunder,  C.M.,  Tulloss,  R.E.,  'Testability  on  TAP,"  IEEE  Spectrum,  February 
1992 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


SECTION  6 

COMPLEMENTARY  EFFORTS  AND 

ACTIVITIES 


CRTA-CE 


81 


6.0  COMPLEMENTARY  EFFORTS  AND  ACTIVITIES 

DoD  Directive  5000.1,  "Defense  Acquisition,"  dated  23  February  1991,  and  DoD 
5000.2,  "Defense  Acquisition  Program  Procedures,"  also  dated  23  February  1991, 
(which  replaces  DoD  Directive  5000.40,  "Reliability  and  Maintainability,")  require 
program  plans  submitted  by  DoD  equipment  contractors  to  provide  for  a  systems 
engineering  approach  to  the  simultaneous  design  of  the  product  and  its  associated 
manufacturing,  test,  and  support  process.  Thus,  these  two  latest  DoD  Directives 
fully  support  CE  in  DoD  procurements. 

6.1  Computer-Aided  Acquisition  and  Logistics  (CALS) 

A  very  prominent  Department  of  Defense  (DoD)  activity  in  a  closely  related  area 
is  that  of  Computer-Aided  Acquisition  and  Logistics  Support  (CALS).  CALS  does 
not  mandate  the  use  of  CE,  but  it  strongly  encourages  the  use  of  CE  by  establishing 
standards  for  Automatic  Data  Processing  (ADP)  hardware  and  software  that  are  to  be 
used  within  the  DoD  community. 

CALS  is  a  DoD  and  industry  strategy  to  accelerate,  the  integration  of  digital 
technical  information.  The  primary  goal  of  CALS  is  the  eventual  delivery  of  DoD 
product  design  and  support  documentation  via  digital  means  rather  than  hardcopy. 

CALS  compliments  CE  by  mandating  the  mechanisms  and  the  protocols  by 
which  the  electronic  data  transfer,  so  important  to  the  effective  functioning  CE,  are 
to  take  place.  CALS  will  significantly  impact  the  use  of  CE  in  all  DoD  contracting. 

MIL-STD-1840,  "Automated  Interchange  of  Technical  Information,"  and  MIL- 
HDBK-59,  "DoD  Computer-Aided  Acquisition  and  Logistic  Support  (CALS)  Program 
Implementation  Guide,"  are  the  two  most  prominent  DoD  specifications  in  the 
CALS  hierarchy  of  documents. 

6.2  MIL-HDBK-59  Requirements 

MIL-HDBK-59  is  the  implementation  guide  for  CALS.  Its  basic  purpose  is  to 
assist  acquisition  managers  in  the  transition  from  paper-intensive  processes  to 
digital  data  delivery  and  access.  It  also  supports  the  structuring  of  contract 
requirements  to  achieve  integration  of  various  contractor  automated  capabilities  for 
design,  manufacturing,  and  logistics  support.  Specific  objectives  of  CALS  stated  in 
MIL-HDBK-59  are: 

a)  To  accelerate  the  integration  of  automated  design  tools  (e.g.  R  &  M  tools) 
into  contractor  computer-aided  design  and  engineering  systems  as  a  part  of 
a  systematic  approach  that  simultaneously  addresses  the  product  and  its 
life-cycle  manufacturing  and  support  requirements. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


82 


CRTA-CE 


b)  To  encourage  the  reduction  and  eventual  elimination  of  data  duplication 
and  to  accelerate  the  automation  of  contractor  processes  for  generating 
weapon  system  technical  data  in  digital  form. 

c)  To  rapidly  increase  DoD's  capability  to  receive,  store,  distribute  and  use 
system  technical  data  in  digital  form  to  improve  life-cycle  maintenance, 
training,  and  spare  parts  reprocurement,  and  other  support  processes.  The 
near  term  goal  of  CALS  is  the  implementation  of  increased  levels  of 
interfaced,  or  integrated,  functional  capabilities,  and  specification  of 
technical  requirements  for  the  delivery  of  technical  data  to  the 
government  in  digital  form.  It  attempts  to  achieve  this  by  supporting  the 
structuring  of  contract  requirements  to  achieve  integration  of  various 
contractor  automated  capabilities  for  design,  manufacturing,  and  logistic 
support. 

The  longer  term  goal  of  CALS  is  the  integration  of  industry  and  DoD  databases  to 
share  common  data  in  cm  integrated  weapon  system  database.  It  is  anticipated  that 
all  future  contracts  will  require  data  deliverables  to  the  government,  be  in  digital 
form. 

MIL-HDBK-59  sets  forth  the  following  time  schedule  and  specific  actions  for  the 
implementation  of  these  goals: 

1)  For  systems  entering  full  scale  development  or  production  before 
September,  1988  -  Review  specific  opportunities  for  cost  savings  or  quality 
improvements  by  changing  paper  deliverables  to  digital  delivery  using 
CALS. 

2)  For  systems  entering  full  scale  development  after  September,  1988  -  Cost 
and  schedule  proposals  are  specifically  required  to  address:  a)  the 
integration  of  technical  information  systems  and  processes,  b)  authorize 
government  access  to  contractor  databases,  and  c)  delivery  of  technical  data 
in  digital  form.  These  proposals  are  to  be  given  significant  weight  for  their 
cost  and  quality  implications  in  source  selection  decisions. 

Appendix  A  of  MIL-HDBK-59  gives  an  overview  of  CALS  strategies  and 
requirements,  as  well  as  a  list  of  federal  and  military  standards,  specifications, 
definitions,  and  acronyms  related  to  CALS  implementation. 

Appendix  B  provides  decision  guidance  and  model  contracting  language  for 
tailoring  the  wording  of  DoD  Requests  for  Proposals  (RFPs)  and  Contract  Data 
Requirements  Lists  (CDRLs)  to  enable  integrated  preparation  and  delivery  of,  or 
access  to,  digitized  data  required  for  design,  manufacturing,  and  support  application. 

Appendix  C  provides  guidance  for  establishing  RFP  and  CDRL  requirements  for 
integrating  computer-based  methods  and  supporting  technologies  to  incorporate 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,Rome,  NY  13440  -6916  •  315-337-09(X) 


CRTA-CE 


83 


reliability  and  maintainability  engineering  and  logistic  support  analysis  in 
computer-aided  concurrent  engineering  environments. 

Appendix  D  includes  detailed  guidance  and  technical  information  for 
establishing  RFP  and  CDRL  requirements  for  using  physical  media  and 
telecommunication  networks  to  deliver  technical  data  in  digital  form,  or  to  gain 
access  to  contractor  data  bases. 

Appendix  E  provides  guidance  and  model  contracting  language  for  tailoring  RFP 
and  CDRL  requirements  to  ensure  the  integrity  and  confidentiality  of  CALS  assets  to 
the  maximum  extent  practical  within  existing  regulations,  procedures,  and 
technology. 

6.3  MIL-STD-1840  Requirements 

The  purpose  of  MIL-STD-1840  is  to  standardize  the  digital  interface  between 
organizations  or  systems  exchanging  digital  forms  of  technical  information 
necessary  for  the  logistic  support  of  weapon  systems  throughout  their  life  cycle. 
This  is  an  integral  part  of  Computer-Aided  Acquisition  and  Logistic  Support  (CALS) 
-  the  DoD  and  industry  strategy  to  accelerate,  the  integration  of  digital  technical 
information. 

The  standard  addresses  technical  information  such  as  training  and  maintenance 
manuals  with  their  associated  illustrations;  production  definition  data,  such  as  the 
engineering  drawings  and  specifications  which  are  part  of  the  traditional  technical 
data  packages  used  for  item  acquisition;  and,  the  evolving  product  data  concept 
which  provides  for  transfer  and  archival  storage,  of  the  product  information 
necessary  to  the  acquisition  process,  in  a  form  directly  usable  by  computer 
applications. 

It  standardizes  the  format  and  information  structures  of  digital  data  files  used  for 
the  transfer  and  archival  storage  of  digital  technical  information.  The  format, 
information  structures,  and  transfer  procedures  established  therein  are  applicable  in 
all  cases  where  the  information  can  be  prepared  and  received  in  the  form  of  ASCII 
text  files,  product  definition  data  files,  raster  image  files,  or  graphic  files. 

Some  of  the  more  germane  topics  addressed  in  the  standard  are: 


Paragraph 

Topic 

4.1.1 

Document  Types 

4.1.2 

Product  Data 

5.1 

File  Structure  for  Transfer 

5.2 

Media  Options 

5.3 

Packaging 

6.4 

Transfer  of  Textual  Data 

Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


84 


CRTA-CE 


Appendix  A  to  MIL-STD-1840,  "Raster  Data  Requirements"  -  describes  the 
requirements  for  the  preparation  of  the  files  containing  the  raster  form  of 
illustration  or  product  data  and  is  a  mandatory  part  of  the  standard  for  raster  data 
applications. 

6.4  Some  Other  DoD  and/or  Industry  CE  Initiatives 

6.4.1  DICE 

DICE  (Defense  Advanced  Research  Projects  Agency  Initiative  in  Concurrent 
Engineering)  is  a  government-industry  consortium  to  encourage  the  practice  of 
concurrent  engineering  in  the  US  military  and  industrial  base.  (DARPA  is  the 
Defense  Advanced  Research  Projects  Agency.)  DICE'S  mission  includes  developing, 
integrating,  and  disseminating  technologies  for  use  in  the  concurrent  engineering 
community.  The  consortium's  overall  goal  is  to  develop  an  architecture  for 
concurrent  engineering  in  which  the  people  working  on  a  project  can  instantly 
communicate  with  each  other  and  access,  share,  and  store  up-to-date  information  in 
a  transp2irent  way,  unhindered  by  geographic  separation,  organizational  structure, 
product  complexity,  and  incompatible  tools,  databases,  and  computing  resources.  It 
tries  to  simulate  small-team  interactions  among  people  in  large,  dispersed 
organizations  and  give  them  the  same  freedom  of  interaction  and  information 
exchange  as  is  enjoyed  by  a  small  team  working  in  the  same  room. 

A  coalition  of  more  than  a  dozen  industries,  software  companies,  and 
universities  conducts  DICE  research  for  DARPA.  West  Virginia  University's 
Concurrent  Engineering  Research  Center  (CERC)  in  Morgantown,  WV  plays  a 
leading  role  among  industrial  laboratories  and  universities  in  developing  generic 
services  and  it  operates  one  of  the  principle  vehicles  for  accomplishing  DICE'S 
mission:  a  concurrent  engineering  testbed.  It  also  focuses  on  requirements 
management,  an  area  relatively  untouched  to  date  by  automation. 

6.4.2  CAD  Framework  Initiative 

The  CAD  Framework  Initiative  (CFI)  is  a  not-for-profit  corporation  with  open 
membership  committed  to  the  development,  publication,  and  adoption  of  interface 
guidelines  for  CAD  systems.  CFI  was  formed  to  create  standards  so  that  software 
packages  from  different  vendors  could  effectively  work  together.  The  CFI  Mission  is 
'To  create  a  free  market  model  for  engineering  design  and  analysis  (EDA)  tools  and 
their  supporting  framework  environments,  via  development  of  framework 
guidelines  that  remove  barriers  to  integration." 

These  packages  are  then  able  to  transfer  information  because  they  have  been 
adapted  to  work  with  the  CFI  procedural  interface  (PI).  For  example,  they  are  able  to 
read  and  write  netlists  in  the  format  defined  by  the  PI  so  the  interface  is  able  to 
move  information  between  them. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


CRTA-CE 


85 


Related  to  this  is  the  CAD  Framework  Laboratory  (CFL).  The  CFL  Mission  is  'To 
support  the  requirements  of  the  CFL  affiliates  with  regard  to  CAD  framework 
standardization." 

6.4.3  RAMCAD 

Reliability,  Availability  and  Maintainability  in  Computer-Aided  Design 
(RAMCAD)  is  a  two-phase  development  effort  jointly  funded  by  the  Air  Force  and 
the  Army.  The  overall  purpose  of  RAMCAD  is  to  increase  weapon  system  support 
and  readiness  by  integrating  reliability  and  maintainability  into  the  design  process 
up-front.  The  first  part  of  RAMCAD  stresses  the  use  of  integrated  software  packages 
performing  reliability,  maintainability  and  supportability  analyses  on  CAD 
workstations  used  for  electronic,  mechanical  and  structural  design.  The  use  of  on¬ 
line  computer-aided  design  tools  promotes  rapid  assessment  of  the  R&M 
characteristics  of  a  design,  allowing  the  designer  to  optimize  supportability. 

The  second  part  includes  conducting  research  into  the  use  of  artificial 
intelligence  to  aid  in  analyzing  a  design  for  various  R&M  attributes  and  suggesting 
ways  to  improve  the  design.  This  will  provide  the  designer  with  push-button  access 
to  CAE  and  R&M  tools  right  from  his/her  own  CAD  system  for  fast  R&M  review  of 
the  design.  The  intent  of  the  RAMCAD  efforts  is  to  establish  a  cooperative  effort 
between  universities  and  industry  to  conduct  research  and  development  in  these 
two  areas. 

6.5  Complementary  Efforts  and  Activities  References 

[1]  Keene,  S.,  "Software  Reliability  Directions,"  Reliability  Review,  ASQC, 
March  1991 

[2]  The  5th  Annual  Leesburg  Workshop,  Reliability  and  Maintainability  in 
Computer-Aided  Engineering,  Concurrent  Engineering:  Defining  the 
Requirements,  Ellicott  City  MD,  Sept  30  -  Oct  3, 1991 

[3]  The  4th  Annual  Leesburg  Workshop  on  R  &  M  in  Concurrent  Engineering 
Leesburg  VA,  Oct  9  -11, 1990 

[4]  Carver,  G.  P.,  "Concurrent  Engineering  Through  Product  Data  Standards," 
National  Institute  of  Standards  and  Technology,  Manufacturing 
Engineering  Laboratory  Factory  Automation  Systems  Division, 
Gaithersburg  MD,  May  1991,  (NISTIR  4573) 

[5]  Shumaker,  G.  C.,  "Integrated  Product  Development  Program  Strategy," 
Concurrent  Engineering  Office,  Wright-Patterson  AFB  OH,  July  1990 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440-6916  •  315-337-0900 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,Rome,  NY  13440  -6916  •  315-337-0900 


SECTION  7 

CURRENTLY  AVAILABLE 
AUTOMATED  TOOLS 


CRTA-CE 


89 


7.0  REPRESENTATIVE  CURRENTLY  AVAILABLE  AUTOMATED  TOOLS 

CE  often  emphasizes  the  extensive  use  of  a  variety  of  automated  tools  to  assist 
the  design  team.  Various  automated  tools  are  used  by  each  of  the  different 
engineering  specialities.  Automated  "expert  systems"  are  often  used  to  capture  and 
apply  accumulated  knowledge  and  experience  inherent  in  product  design,  test,  and 
manufacturability  or  other  engineering  disciplines. 

A  large  variety  of  software  packages  are  currently  available  to  assist  the  designer 
in  accomplishing  robust  product  design.  A  compendium  of  some  of  the  currently 
available  automated  lools  is  presented  in  Reliability  and  Maintainability  Software 

Tools  (RMST-91)  published  by  the  Reliability  Analysis  C _ ,  March  1991  and  in 

Reference  [1].  It  should  be  recognized,  however,  that  this  is  a  very  rapidly  changing 
field  and  it  is  virtually  impossible  to  maintain  a  completely  thorough  and  up-to- 
date  listing  of  all  of  the  available  software  products  and  their  detailed  capabilities  at 
any  given  time. 

Automated  tools,  such  as  these,  can  be  used  to  greatly  simplify  necessary  design, 
simulation  and  analysis  tasks.  At  the  same  time,  however,  we  should  also  be  aware 
of  and  concerned  with  the  major  limitations  of  the  various  automated  tools. 
Knowing  when  not  to  use  a  specific  tool  is  as  important  as  knowing  when  to  use  it. 

When  addressing  these  tools  we  should  consider  what  common  input  data  and 
what  unique  input  data  each  tool  will  require,  and  what  is  involved  in  exchanging 
the  necessary  data  between  the  various  software  packages.  This  is  necessary  because 
most  of  the  automated  tools  available  today  were  originally  developed  as  "stand¬ 
alone "  tools.  They  were  developed  independently  by  various  software  vendors  to 
perform  a  specific  task  and  were  optimiz^  to  do  that  task  well,  with  little  regard  to 
how  the  tool  would  interface  with  other  automated  tools  (e.g.,  sharing  common 
data  and  integration  of  the  results  of  the  tool's  implementation  into  a  complete  and 
coherent  design  documentation  package). 

C.E.  software  tools  can  generally  be  grouped  into  the  following  major  groups: 

1.  Electrical  and  Electronic  Design  Analysis  Tools 

2.  Thermal  Analysis  Tools 

3.  Electromagnetic  Design  and  Analysis  Tools 

4.  Reliability  Analysis  Tools 

5.  Maintainability  Analysis  Tools 

6.  Mathematical  or  Graphical  Analysis  Tools 

7.  Testability  Analysis  Tools 

8.  Finite  Element  Analysis  Tools 

Student  and  evaluation  versions  of  many  programs  are  available  at  greatly 
reduced  prices,  thus  giving  the  potential  purchaser  an  opportunity  to  test  out  most 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


90 


CRTA-CE 


of  the  features  of  a  given  program  or  to  compare  various  similar  programs  before 
making  a  major  purchase  commitment. 

All  of  the  following  material  related  to  computer  analysis  programs,  software 
packages  etc.,  and  that  are  identified  by  acronym  and/ or  vendor  name  is  presented 
for  information  purposes  only.  The  RAC  does  not  endorse  their  specific  use  or 
attest  to  their  qu^ity. 

7.1  Electrical  and  Electronic  Design  Analysis  Tools 

A  decade  ago,  a  typical  analog  or  digital  circuit  designer  worked  at  a  desk  doing 
the  initial  design  work  using  pencil  and  paper  and  a  hand  held  calculator.  He  then 
moved  to  the  laboratory  to  build  a  breadboard  circuit  and  verify  its  performance. 
Today  most  of  this  design  effort  is  performed  on  an  engineering  workstation  or 
personal  computer  using  a  variety  of  commercial  software  programs.  Using  these 
tools,  the  design  can  be  executed  more  precisely  in  far  less  time. 

7.1.1  Schematic  Capture  Packages 

The  most  indispensable  tool  and  the  first  automated  tool  which  a  designer  will 
probably  use  is  a  schematic  capture  package.  An  ideal  schematic  capture  program 
should  perform  three  important  functions.  First,  the  tool  should  document  the 
design  by  fimction  (draw  block  diagrams)  and  by  component  (draw  circuit  diagrams). 
Second,  it  should  provide  a  complete  list  of  components  needed  for  the  design  (a 
parts  list),  and  show  the  functional  interconnection  of  these  components  (generate  a 
netlist).  Finally,  the  tool  should  provide  a  means  of  creating  the  inputs 
subsequently  needed  by  a  circuit  simulator  so  that  the  designer  can  test  and 
troubleshoot  the  design  before  building  any  hardware. 

Schematic  capture  tools  enable  the  generation  of  netlists  directly  from  the 
schematic  and  then  allow  direct  printing  of  the  schematics  using  standard  ANSI 
characters.  A  netlist  provides  a  narrative  circuit  description  in  terms  of  its  structural 
elements  and  interconnections.  Netlists  are  used  as  inputs  to  a  variety  of  automated 
circuit  analysis  tools.  Different  packages  can  create  netlists  with  various  formats. 
Schematic  capture  tools  usually  contain  a  broad  library  of  standard  graphical  part 
symbols  and  part  attributes.  They  should  also  include  circuit  and  S)nnbol  editors  to 
allow  for  the  creation  of  new  symbols  and  definition  of  new  part  attributes  as 
needed. 


Most  of  the  better  schematic  capture  tools  include  some  electrical  rule  checking 
capability  and  most  of  them  use  a  mouse,  trackball,  or  pointer  to  facilitate  drawing 
and  editing  electronic  symbols  and  circuits. 

An  example  of  a  typical  circuit  and  its  applicable  netlist  is  shown  in  Figure  10. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


CRTA-CE 


91 


+10V 


EXAMPLE  OF  A  SPICE  NETLIST 


Vin 

0 

1 

DCOV 

AC 

lOV 

V2 

3 

0 

lOVDC 

V3 

5 

0 

ISVDC 

V4 

6 

0 

-15VDC 

R1 

3 

2 

lOK 

R2 

1 

2 

lOK 

R3 

2 

4 

30K 

R4 

7 

0 

4.3K 

U1 

7 

2 

5  6 

4 

LM324 

nCURE  10:  EXAMPLE  aRCUIT  AND  APPLICABLE  NETUST 

Some  of  the  popular  analog  circuit  simulation  and  analysis  tools  incorporate 
schematic  capture  as  an  integral  function  of  the  package  possibly  eliminating  the 
need  to  purchase  a  separate  schematic  capture  package. 


Some  popular  schematic  capture  automat«Ki  tools  include: 
OrCAD/SDT  HI  by  OrCAD 
OiCAD 

3175  N.W.  Aloclek  Dr. 

HiUsboro,  OR  97124-7135 
503)  690-9881 
FAX  (503)  690-9891 


Schema  HI  by  Omation  Inc. 

Omation  Inc. 

1701  N.  Greenville  Ave. 

Richardson,  TX  75081 

(214)  231-5167 

7.1.2  Analog  Circuit  and  Digital  Logic  Simulation  and  Analysis  Tools 

In  the  early  1960s  military  requirements  led  to  the  development  of  mathematical 
simulation  of  electronic  components  (capacitors,  semiconductors,  etc.)  to  determine 
their  response  to  pulsed  X-Ray  and  gamma  radiation.  These  simulation  studies 
were  later  extended  to  small  circuits  to  study  their  response  to  the  same  radiation 
conditions.  This  early  work  resulted  in  the  first  circuit  analysis  programs. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


92 


CRTA-CE 


Most  analog  circuit  simulators,  in  use  today,  trace  their  heritage  back  to  the 
Simulation  Program  with  Integrated  Circuit  Emphasis  (SPICE)  developed  by  the 
University  of  California  at  Berkeley  in  the  early  1970s.  Many  different  versions  of 
SPICE  are  currently  available  for  both  IBM-compatible  and  Macintosh  personal 
computers.  Enhanced  versions  of  SPICE  capable  of  handling  even  larger  circuits  are 
also  available  for  the  more  powerful  engineering  workstations. 

One  of  the  most  important  advantages  that  computer-aided  design  offers  the 
designer  is  the  ability  to  thoroughly  check-out  circuit  performance  before  making 
breadboard  units  or  other  hardware  commitments.  Both  analog  and  digital  circuit 
simulators  make  it  relatively  easy  for  the  designer  to  test  alternative  designs  and 
correct  design  deficiencies  or  oversights  without  major  expense  early  in  the  design 
phase.  Analog  and  digital  circuit  simulators  give  the  designer  the  capability  to  do 
real  time  circuit  analysis. 

At  present,  analog  circuit  and  digital  circuit  analysis  usually  require  different 
software  packages.  Although  some  packages  claim  to  handle  both  types  of  analysis, 
the  package  is  usually  optimized  for  digital  analysis  or  for  analog  circuit  analysis,  but 
not  for  both.  Digital  simulation  packages  provide  the  designer  with  a  logic  analyzer 
display  while  analog  simulation  provides  an  oscilloscope  display.  All  major  circuit 
simulation  packages  use  netlists  generated  by  schematic  capture  tools  as  their  basic 
means  of  input.  Circuit  simulation  packages  also  provide  extensive  libraries  of 
component  models  and  the  model  parameters  needed  to  perform  the  analyses. 

The  availability  and  use  of  software  tools  to  assist  in  circuit  analysis  has  placed 
greater  emphasis  on  appropriate  circuit  modeling.  The  accuracy  of  simulation 
results  is  no  better  than  the  accuracy  of  the  model  representing  the  circuit.  There  are 
two  general  types  of  models  used  by  these  tools:  Physical  models  and  Behavioral 
models. 

Physical  models  attempt  to  replicate  the  individual  elements  in  a  device.  Each 
component  of  a  physical  model  is  equivalent  to  a  component  of  the  device.  These 
models  are  generally  quite  complex  and  require  a  significant  amount  of  processing 
time  (i.e.,  they  run  much  slower  on  any  given  computer).  They  do  provide  accurate 
results  for  most  (but  not  all)  device  parameters. 

In  contrast,  behavioral  models  attempt  to  simulate  the  behavior  of  a  device. 
This  type  of  model  consists  of  components  which  have  no  physical  relationship  to 
the  device.  These  models  generally  require  less  processing  time  (i.e.,  they  run  faster 
on  a  given  computer)  and  they  also  provide  accurate  results  for  most  (but  not  all) 
device  parameters. 

The  trend  in  industry  today  is  towards  the  use  of  behavioral  models  rather  than 
physical  models  for  complex  active  devices.  They  produce  sufficiently  accurate 
results  in  considerably  less  time.  The  device  manufacturer  is  frequently  becoming 
the  source  for  these  models. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St..  Rome,  NY  13440  -6916  •  315-337-0900 


CRTACE 


93 


Both  types  of  models  are  usually  based  on  typical  device  parameters  and  would 
have  to  be  modified  to  represent  worst  case  device  parameters  for  certain  analyses. 
Analog  tools  frequently  use  behavioral  modeling  to  allow  flexible  definition  of  the 
component  models  or  even  entire  circuit  functions  either  by  the  use  of  a  formula  or 
look-up  tables. 

Most  circuit  simulation  packages  have  the  capability  to  perform  a  sensitivity 
analysis  and  either  Worst  Case  or  Monte  Carlo  analysis  to  account  for  component 
tolerances  and  environmental  changes.  Some  packages  also  support  mixed  analog 
and  digital  circuit  simulation,  although  they  are  optimized  for  either  one  type  of 
circuit  or  the  other  but  not  both.  This  is  can  be  an  important  consideration  for 
circuits  with  tightly  coupled  feedback  between  the  analog  and  digital  sections. 

Other  analysis  capability  common  to  most  of  the  better  analog  circuit  simulation 
packages  include:  AC  Sweep,  DC  Sweep,  Noise,  Transient  Analysis,  Fourier 
Analysis,  Small  Signal  Transfer  Function,  Monte  Carlo,  and  Worst  Case  Analysis. 
Ideally,  all  of  these  analyses  should  allow  temperature  conditions  to  be  varied  to 
illustrate  its  effect  on  the  circuit. 

A  more  extensive  listing  and  detailed  discussion  of  currently  available 
automated  analog  and  digital  simulation  software  together  with  a  detailed 
comparison  between  them  may  be  foimd  in  Reference  [1]. 

Examples  of  available  analog  circuit  simulation  and  analysis  packages  include: 

PSPICE  by  MicroSim  Corp. 

MicroSim  Corp. 

20  Fairbanks 
Irvine,  CA  92718 
(800)  245-3022 
FAX  (714)  455-0554 

IsSpice  by  Intusoft 

Intusoft 
P.O.  Box  710 

SanPedro,CA  90733-0710 
(213)  833-0710 
FAX  (213)  833-9658 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


94 


CRTACE 


Examples  of  available  digital  circuit  simulation  and  analysis  packages  include: 

OrCAD/ VST  by  OrCAD 
OrCAD 

3175  N.W.  Aloclek  Dr. 

Hillsboro,  OR  97124-7135 
(503)  690-9881 
FAX  (503)  690-9891 

Schema  Susie  by  Omation  Inc. 

Omation  Inc. 

1701  N.  Greenville  Ave. 

Richardson,  TX  75081 
(214)  231-5167 

MICRO-LOGIC  by  Spectrum  Software 

Spectrum  Software 
1021  S.  Wolfe  Rd. 

Sunnyvale,  CA  94086 
(408)  738-4387 

7.2  Thermal  Analysis  Tools 

Proper  thermal  design  is  a  very  important  consideration  for  robust,  highly 
complex,  electronic  circuit  designs.  Historically,  many  reliability  problems  have 
been  the  result  of  poor  thermal  design.  Some  studies  have  shown  that  resources 
expended  on  optimizing  the  thermal  design  produce  a  higher  return  on  investment 
than  any  other  single  design  reliability  technique.  One  factor  contributing  to  the 
difficulty  of  proper  thermal  design  is  that  typical  parameter  tolerances  used  in 
thermal  design  are  much  greater  than  typical  electrical  parameter  tolerances. 

Compared  to  reliability  prediction  tools  for  example,  there  are  only  a  limited 
number  of  automated  thermal  analysis  packages  available  to  assist  in  the  robust 
circuit  design  effort.  Two  important  non-automated  thermal  design  resources 
which  designers  should  be  familiar  with  are  References  [2]  and  [3]. 

Examples  of  available  automated  thermal  analysis  packages  include: 

PREVIEW  by  System  Effectiveness  Associates,  Inc. 

SEA 

20  Vernon  Street 
Norwood,  MA  02062 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,Rome,  NY  13440  -6916  •  315-337-0900 


CRTA-CE 


95 


(617)762-9252 

SAUNA  by  Thermal  Solutions,  Inc. 

Thermal  Solutions,  Inc. 

3135  S.  State  St.,  Smte  300 
Ann  Arbor,  MI  48108 
(315)  761-1956 
FAX:  (313)  761-9586 

BETA  Soft  by  Dynamic  Soft  Analysis,  Inc. 

Dynamic  Soft  Analysis,  Inc. 

213  Gugasuta  Road 
Pittsburgh,  PA  15215 
(412)  781-3016 

7.3  Electromagnetic  Design  and  Simulation  Tools 

As  engineers  attempt  to  design  devices  that  operate  at  higher  frequencies  and 
that  are  smaller,  more  efficient,  precise,  sensitive  and  reliable,  while  being  less 
expensive,  the  need  to  reckon  with  field  electromagnetic  effects  grows  steadily  in 
importance.  The  need  for  powerful  automated  analysis  and  simulation  tools  to 
address  increasingly  complex  electromagnetic  (EM)  fields  which  all  electrical  devices 
emit  is  more  prevalent  than  ever. 

These  automated  tools  help  designers  to  visualize  and  manipulate  EM  fields  and 
enable  them  to  design  modern  complex  products  without  building  a  physical 
prototype,  extensively  testing  the  prototype  then  redesigning  the  circuit  as  was 
formerly  needed  to  accommodate  unforeseen  EM  effects.  Field  simulation  models 
also  help  to  determine  the  impact  of  unforeseen  changes  during  manufacturing  due 
to  variations  in  materials  and  facilities. 

The  phenomena  that  can  be  analyzed  with  field  simulator  tools  vary  immensely. 
Since  electromagnetic  fields  behave  quite  differently  at  various  frequencies, 
engineers  designing  devices  may  require  particular  features  in  their  tools.  Those 
working  with  static  and  low-frequency  fields  are  often  interested  in  capacitances  and 
inductances.  Designers  of  magnetic  devices  are  often  concerned  with  saturation. 
Engineers  designing  with  high-frequency  digital  signals  worry  about  return  loss  and 
the  crosstalk  between  conductors. 

Modem  EM  simulation  tools  are  based  upon  either  the  finite-elemen:  or  the 
boundary-element  method  of  analysis.  The  basic  idea  of  both  of  the  methods  is  to 
divide  the  device  to  be  simulated  into  a  large  number  of  small  regions  called  finite 
elements  and  to  represent  either  the  field  or  the  source  of  the  field  in  each  element 
with  discrete  variables.  Interactive  graphics  and  solid  modeling  procedures  are  used 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St,  Rome,  NY  13440  -6916  •  315-337-0900 


96 


CRTA-CE 


to  enter  complicated  geometries.  After  the  solid  model  is  created,  material 
properties  such  as  the  dielectric  constant  and  the  electrical  conductivity  eire  assigned 
to  each  object  in  the  model. 

Electromagnetic  field  simulation  involves  solving  Maxwell's  equations,  which 
completely  describe  the  behavior  of  electromagnetic  fields.  The  finite-element 
method  expresses  these  four  equations  in  terms  of  differential  equations,  while  the 
boundary-element  method  employs  integral  equations.  The  types  of  products  that 
can  be  addressed  by  these  powerful  new  automated  EM  tools  are  quite  diverse  and 
include:  integrated  circuits,  printed-circuit  boards,  electromechanical  devices,  and 
high-voltage  components.  However,  solving  field  problems  is  still  relatively 
expensive,  it  is  highly  computation-intensive,  thus  either  powerful  workstations 
are  required  or  computation^  time  will  be  extensive. 

With  these  tools,  the  designer  can  observe  the  EM  effects  of  potential  design 
changes  without  extensive  laboratory  tests  and  before  any  hardware  is  built.  For 
example,  designers  can  develop  high-speed  digital  and  radio-frequency/microwave 
products  that  function  properly  from  the  outset  and  they  can  do  so  in  an 
increasingly  cost-competitive  environment.  The  newer  packages  also  further  assist 
the  designer  by  offering  direct  links  between  the  EM  simulators  and  the  ubiquitous 
SPICE  circuit  simulators.  References  [4]  and  [5]  contain  additional  information 
regarding  this  topic  and  they  also  identify,  describe  and  compare  an  extensive  list  of 
the  currently  available  automated  tools. 

An  example  of  an  electromagnetic  design  and  simulation  tool  is: 

HSPICE  by  Meta-Software  Inc. 

Meta-Software 
1300  White  Oaks  Rd. 

Campbell,  CA  95008 

(408)  371-5100,  FAX  (408)  371  5638 

7.4  Reliability  Analysis  Software  Tools 

There  are  a  significant  number  of  reliability  analysis  software  packages  currently 
available,  the  majority  of  them  dealing  with  reliability  prediction.  However,  more 
and  more  reliability  and  maintainability  tasks  are  l^ing  automated  by  software 
vendors. 

Many  of  the  available  reliability  software  packages  allow  the  importation  of 
netlist  files  and  data  files  or  specific  data  elements  created  by  other  software 
packages.  Through  data  conversion  utilities,  input  to  reliability  analysis  software 
can  be  performed  rapidly,  resulting  in  expedited  information  processing.  For 
example,  schematic  capture  tools  can  extract  the  necessary  data  from  the  schematic 
drawings  which  then  feed  circuit  simulation  tools  to  compute  component  stress 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St..Rome,  NY  13440  -6916  •  315-337-0900 


CRTA-CE 


97 


factors  for  voltage  and  power.  These  data  elements,  along  with  physical 
characteristic  data  such  as  component  complexity,  rated  parameters  and  packaging 
information  obtained  from  part  libraries,  can  feed  reliability  prediction  programs  to 
yield  part  or  assembly  failure  rates.  The  failure  rates  produced  by  the  reliability 
prediction  packages  may  then  be  used  as  inputs  to  FMECA,  Maintainability 
Prediction  and  Testability  tools.  This  data  flow  enables  near  real-time  automated 
analysis  of  the  design  starting  with  the  original  schematic  drawing  files. 

Some  of  the  reliability  and  maintainability  analysis  packages  illustrated  herein 
may  be  compatible  with  automated  tools  already  in  use  at  a  given  facility.  This 
feature  alone  could  save  hundreds  of  manhours  on  medium  and  large  projects  by 
significantly  reducing  data  input  time  and  errors.  By  intelligently  procuring 
compatible  analysis  tools  to  develop  an  integrated,  computer-aided  engineering  and 
design  environment,  reliability  and  maintainability  analyses  can  effectively  be 
performed  early  in  the  design  phase. 

Most  of  the  various  software  vendors  are  moving  toward  providing  open 
structures  for  their  programs  and  data  files  to  facilitate  file  importation  and  export. 
Other  factors  being  equal,  consumers  should  steer  away  from  vendors  who  provide 
tools  which  operate  only  in  a  stand-alone  manner. 

It  is  important  to  remember  when  selecting  a  specific  tool  that  reliability 
modeling  and  reliability  prediction  are  separate  and  distinct  tasks.  This  difference 
was  explained  and  illustrated  in  section  3.1.1  dealing  with  MIL-STD-756.  While  the 
majority,  if  not  all,  of  the  available  automated  reliability  prediction  tools  can  model 
simple  series  system  configurations,  not  all  of  them  have  the  capability  of  modeling 
complex  redundant  equipment  configurations  and  few,  if  any,  can  directly  handle 
MARKOV  modeling  of  nodal  networks  and  fault  tolerant  systems. 

7.4.1  Detailed  Electronic  Part  Stress  Analysis  Reliability  Prediction 

There  are  two  distinct  types  of  detailed  stress  reliability  predictions  available: 
those  based  upon  MIL-HDBK-217  which  are  applicable  for  all  types  of  equipment 
operating  environments  (e.g.,  both  military  and  non-military);  and  those 
predictions  based  upon  something  other  than  MIL-HDBK-217.  This  second  type  of 
prediction  is  usually  based  upon  data  gathered  under  more  benign  equipment 
operating  conditions  and  hence  is  considerably  more  restricted  in  its  application. 

An  exhaustive  listing  of  available  electronic  part  stress  reliability  prediction 
packages  complete  with  the  necessary  hardware  requirements  may  be  found  in 
Reliability  and  Maintainability  Software  Tools  (RMST-91)  published  by  and 
available  from  RAC. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


98 


CRTa-CE 


7.4.1.1  MIL-HDBK-217  Based  Predictions 

MIL-HDBK-217  based  prediction  tools  are  by  far  the  most  prevalent.  A  small 
sampling  of  available  electronic  part  stress  reliability  prediction  packages  based  upon 
the  MIL-HDBK-217  methodology  include: 

Reliability  Prediction  Program  (RPP)  by  Powertronic  Systems,  Inc. 

Powertronic  Systems,  Inc. 

P.O.  Box  29019 
New  Orleans,  LA  70189 
(504)  254-0383 

REAP  (Reliability  Effectiveness  Analysis  Program) 

by  Systems  Effectiveness  Associates,  (SEA)  Inc. 

SEA  20 

Vernon  Street 
Norwood,  MA  02062 
(617)  762-9252 

RL  ORACLE  by  Rome  Laboratory  (Available  for  DoD  applications  only) 

Rome  Laboratory  (RL)/ERSR 
Attn:  George  Lyne 
Griffiss  AFB,  NY  13441-5700 
(315)  330-3068 

7.4.1.2  Non-MIL-HDBK-217  Based  PredicUons 

The  following  electronic  part  stress  reliability  prediction  programs  are 
significantly  different  than  the  preceding  programs  in  that  they  are  not  based  upon 
the  models  contained  in  MIL-riDBK-217.  Typically  they  are  based  upon  failure  data 
gathered  from  equipment  operating  in  commercial  or  benign  industrial  operating 
environments.  These  models  may  be  more  suitable  and  preferable  for  relatively 
benign  industrial  and  commercial  applications.  They  are  neither  suitable  for  nor 
acceptable  for  DoD  applications. 

Bellcore  ARPP  by  Bell  Communications 

Bell  Communications  Research,  Inc. 

290  W.  Mt.  Pleasant  Ave. 

Livingston,  NJ  07039-2729 
(800)  521-2673 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


CRTA-CE 


99 


Belstress  by  Item  Software  Ltd.  MGA,  Inc. 

Item  Software  Ltd.  MGA  Inc. 

200  Baker  Ave. 

Concord,  MA  01742 
(508)369-5115 

Relex  CNET  and  Relex  Calculus  Simplifie’ s  (based  upon  the  French  CNET 

Reliability  Standard)  by  Innovative  ^ftware  Designs,  Inc. 

Innovative  Software  Designs,  Inc. 

One  Kimball  Ridge  Court 
Baltimore,  MD  21228 
(301)  747-8543 

7.4.2  Part  Count  Reliability  Prediction 

Reliability  prediction  programs  are  based  upon  the  part  count  methodology 
found  in  MIL-HDBK-217,  Appendix  A  are  presented  here.  The  part  count  method  is 
useful  during  preliminary  design  phases  when  specific  device  types  have  not  yet 
been  determined.  An  exhaustive  listing  of  available  part  count  reliability  packages 
complete  with  the  necessary  hardware  requirements  may  be  found  in  Reliability  and 
Maintainability  Software  Tools  (RMST-91)  published  by  and  available  from  RAC. 

Some  vendors  offer  both  part  stress  and  part  count  reliability  prediction 
capability  in  the  same  software  package.  This  feature  allows  the  user  to  easily 
upgrade  from  a  part  count  prediction  to  a  part  stress  prediction  as  the  design  effort 
progresses  without  having  to  reenter  all  of  the  part  data. 

Examples  of  available  part  count  electronic  reliability  prediction  packages 
include: 

PC  RAP  217  by  Prompt  Software  Company 

Prompt  Software  Company 
393  Englert  Court 
San  Jose,  CA  95133 
(408)  258-8800 

Relex  217  Parts  Count  by  Innovative  Software  Design 

Innovative  Software  Designs,  Inc. 

One  Kimball  Ridge  Court 
Baltimore,  MD  21228 
(301)  747-8543 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St..  Rome,  NY  13440  -6916  •  315-337-0900 


100 


CRTA-CE 


RPC  Reliability  Part  Count  Program  by  Powertronic  Systems,  Inc. 

Powertronic  Systems,  Inc. 

P.O.  Box  29109 

New  Orleans,  LA  70139 

(504)254-0383 

7.4.3  Mechanical  Reliability  Prediction 

Mechanical  reliability  prediction  programs  are  becoming  available  which  appear 
similar  in  structure  to  the  MIL-HDBK-217  methodology.  However,  these  prediction 
programs  are  fundamentally  different  than  the  MIL-HDBK-217  methodology  in  that 
they  are  not  based  upon  the  Arrhenius  temperature-related  failure  model. 

Mechanical  failure  rate  model  development  studies  are  ongoing  and  currently 
under  the  sponsorship  of: 

Computation,  Mathematics  and  Logistics  Department 

David  Taylor  Research  Center 

Bethesda,MD  20084-5000 

Caution  is  advised  in  considering  the  purchase  of  any  mechanical  reliability 
prediction  program  as  the  methodology  which  they  use  is  not  universally  accepted. 
Users  may  require  additional  failure  rate  data  beyond  that  which  is  supplied  with 
the  software. 

Examples  of  available  mechanical  reliability  prediction  tools  based  upon  the 
David  Taylor  Research  Center  models  include: 

MRP  (Mechanical  Reliability  Prediction  Program)  by  Powertronic  Systems,  Inc. 

Powertronic  Systems,  Inc. 

P.O.  Box  29019 

New  Orleans,  LA  70189 

(504)254-0383 

MECHREL  (Mechanical  Reliability  Prediction  Program) 

by  Eagle  Technology,  Inc. 

2300  S.  Ninth  St, 

Arlington,  VA  22204 
(703)  979-8300 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St..Rome,  NY  13440  -6916  •  315-337-0900 


CRTA-CE 


101 


7.4.4  Nonoperating  Reliability  Prediction 

Non-operating  failure  rates  are  not  currently  included  in  MIL-HDBK-217  models. 
Nevertheless,  non-operating  failure  rates  are  very  important  in  some  instances, 
particularly  where  equipment  is  subjected  to  extensive  periods  of  storage.  Non¬ 
operating  reliability  prediction  models  are  structured  similarly  to  the  operating 
models  in  MIL-HDBK-217  and  are  based  upon  an  extensive  study  sponsored  by 
RADC  (now  Rome  Laboratory)  Reference  [6]. 

Available  non-operating  reliability  prediction  automated  tools  include: 

RAC-NRPS  by  the  Reliability  Analysis  Center 

Reliability  Analysis  Center 
201  Mill  Street 
Rome,  NY  13440 
(315)  337-0900 

DORMACALC  IV  by  Sendrian  Resources  Corp. 

Sendrian  Resources  Corp. 

42  Lucas  Ave. 

Newbury  Park,  CA  91320 
(805)  499-7991 

7.4.5  Failure  Mode,  Effects  and  Criticality  Analysis  (FMECA)  Tools 

Most,  but  not  all,  of  the  currently  available  FMEA/FMECA  automated  tools  are 
based  upon  implementation  of  MIL-STD-1629,  "Procedures  for  Performing  a  Failure 
Mode,  Effects  and  Criticality  Analysis."  Precise  bookkeeping  is  a  very  important 
element  in  ensuring  the  accuracy  of  any  FMEA/FMECA.  This  bookkeeping  feature 
is  the  major  contribution  which  the  automated  FMECA  tools  have  to  offer.  This 
feature  becomes  increasingly  important  as  the  complexity  of  the  system  grows. 

Another  added  feature  some  software  packages  offer  is  the  ability  to  output 
subassembly  files  to  MIL- STD-1 388  compatible  Logistics  Support  Analysis  Record 
(LSAR)  databases.  Reliability  and  Maintainability  Software  Tools  (RMST-91) 
published  by  RAC  and  Reference  [1]  contain  extensive  listings  of  currently  available 
automated  FMEA/FMECA  tools. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


102 


CRTA-CE 


-  I 

A  sampling  of  automated  FMEA/FMECA  tools  include: 

Relex  FMECA  by  Innovative  Software  Design 

Innovative  Software  Designs,  Inc. 

One  Kimball  Ridge  Court 

Baltimore,  MD  21228 

(301)  747-8543 

1629A  FMEA/FMECA  by  Management  Sciences,  Inc. 

Management  Sciences,  Inc. 

6022  Constitution  Ave. 

Albuquerque,  NM  87110 

(505)  255-8611 

Failmode  by  Item  Software  Ltd.  MGA,  Inc. 

Item  Software  Ltd.  MGA  Inc. 

200  Baker  Ave. 

Concord,  MA  01742 

(508)  369-5115 

7.4.6  Fault  Tree  Analysis  Tools 

There  is  at  present,  no  MIL-STD  or  MIL-HDBK  documenting  the  methodology 
for  performing  a  Fault  Tree  Analysis  (FTA).  Because  of  this  and  the  intuitive  nature 
of  IT  A,  great  variations  exist  between  the  available  automated  tools.  Reliability  and 
Maintainability  Software  Tools  (RMST-91)  published  by  RAC  contains  a  more 
detailed  listing  of  available  automated  FTA  tools. 

In  considering  the  purchase  of  automated  FTA  tools  it  is  important  to 
distinguish  between  those  tools  which  simply  analyze  an  already  constructed  fault 
tree  and  those  that  are  capable  of  assisting  in  construction  of  the  fault  tree.  The 
majority  of  available  FTA  tools  address  only  the  analysis  portion  of  the  task. 

However,  constructing  the  fault  tree  is  a  major  portion  of  the  effort.  Therefore, 
tools  that  endeavor  to  automate  both  functions  are  preferred  over  those  that  address 
only  one  half  of  the  total  task. 

Available  automated  fault  tree  analysis  tools  include: 

IRRAS  (Integrated  Reliability  and  Risk  Analysis  System) 

by  Idaho  National  Engineering  Laboratory 

Idaho  National  Engineering  Laboratory 

EG&G  Idaho,  Inc. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St..  Rome,  NY  13440  -6916  •  315-337-0900 


CRTA-CE 


103 


Idaho  Falls,  ID  83415 
(208)  526-9592 

CAFA+  by  SAIC 
SAIC 

5150  El  Camino  Real,  Suite  C-31 
Los  Altos,  CA  94022 
(415)  %0-3322 

Tree  Master  by  Management  Sciences  Inc. 

Management  Sciences,  Inc. 

6022  Constitution  Ave. 

Albuquerque,  NM  87110 
(505)  255-8611 

7.4.7  MARKOV  Reliability  Modeling  Tools 

MARKOV  modeling  is  a  powerful  reliability  analysis  tool  which  allows  the 
analyst  to  model  complex  fault  tolerant  systems  that  would  otherwise  be  difficult  to 
model  with  classical  techniques.  It  is  the  most  prominent  method  in  use  today  for 
modeling  the  reliability  (or  imreliability)  of  fault  tolerant  systems.  It  is  an  extremely 
flexible  method  which  can  be  used  to  model  a  wide  variety  of  systems  and  is 
especially  useful  for  modeling  nodal  networks  and  other  complex  system 
configurations  not  easily  addressed  by  classical  redundancy  modeling. 

The  MARKOV  technique  simplifies  the  analyst's  task  by  reducing  the  problem 
from  one  of  mathematical  computation  to  one  of  state  modeling.  It  utilizes  a 
simplistic  modeling  approach,  but  a  more  complex  mathematical  approach 
requiring  computer  assistance  to  perform  the  myriad  of  necessary  calculations. 
Model  reduction  techniques  also  exist  which  yield  relatively  simple  models  with 
insignificant  impact  on  model  accuracy. 

Typically  the  MARKOV  technique  consists  of  the  following  steps: 

1.  Define  equipment  states 

2.  Define  transitions  between  states 

3.  Model  formulation 

4.  Model  reduction  -  simplification 

5.  Mathematical  solution 

There  is  at  present  no  MIL-STD  or  MIL-HDBK  documenting  the  MARKOV 
methodology. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St., Rome,  NY  13440  -6916  •  315-337-0900 


104 


CRTA-CE 


Currently  available  automated  MARKOV  modeling  tools  include: 

MARKOV  1  by  Decision  Systems  Associates 

Decision  Systems  Associates 
746  Crompton  Rd. 

Redwood  City,  CA  94061 
(415)  369-0501 

PC  Markov  by  Management  Sciences  Inc. 

Management  Sciences,  Inc. 

6022  Constitution  Ave. 

Albuquerque,  NM  87110 
(505)  255-8611 

7.4.8  Failure  Reporting.  Analysis  and  Corrective  Action  System  (FRACAS) 
Tools 

The  proper  operation  of  FRACAS  is  documented  in  MIL-STD-2155,  "Failure 
Reporting,  Analysis  and  Corrective  Action  System."  The  purpose  of  automating 
FRACAS  is  to  allow  large  volumes  of  data  to  be  handled  more  efficiently,  to 
facilitate  rapid  searching  through  the  data  to  find  similar  incidents  and  recognize 
historical  failure  patterns  in  order  to  quickly  and  efficiently  isolate  and  identify 
specific  problems  to  be  corrected.  The  intent  of  the  automated  FRACAS  tools  is  to 
help  organize  and  more  effectively  collect  and  utilize  a  companies  own  failure  data 
in  solving  applicable  equipment  problems. 


Available  automated  FRACAS  tools  indude: 


FRACAS  by  Management  Sdences,  Inc. 


Management  Sciences,  Inc. 
6022  Constitution  Ave. 
Albuquerque,  NM  87110 
(505)  255-8611 


FRACAS  (Failure  Reporting  Analysis  and  Corrective  System 
by  Advanced  Logistics  Developments,  Ltd. 

Advanced  Logistics  Developments,  Ltd. 

P.O.  Box  679 
Rishon  Lezion,  75106 
Israel 

972-3  5566651 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St..  Rome,  NY  13440  -6916  •  315-337-0900 


CRTA-CE  _ 105 

7.4.9  Automated  Sneak  Circuit  Analysis  (SCA)  Tools 

Although  it  is  a  potentially  powerful  analytical  tool,  SCA  has  not  been  widely 
used.  It  is  expensive,  and  has  historically  been  performed  late  in  the  design  cycle 
after  all  of  the  design  documentation  was  virtually  complete.  Subsequent  design 
changes  resulting  from  the  SCA  were  then  difficult  and  costly  to  implement.  Thus 
SCA  was  usually  limited  to  items  and  functions  critical  to  safety  or  mission  success 
or  where  other  techniques  were  not  proven  to  be  effective. 

There  have  been  some  important  recent  developments  in  SCA  technology 
however.  An  interactive,  expert  system  know  as  "SCAT"  is  now  available  to  assist 
in  identifying  and  eliminating  sneak  circuits  and  other  design  concerns.  Using 
SCAT,  analysis  may  be  performed  early  in  the  design  effort,  at  the  assembly  level 
rather  than  at  the  system  level,  to  eliminate  potential  sneak  circuits  and  reduce  the 
need  for  a  formal  sneak  circuit  analysis.  However,  since  SCAT  is  performed  only  at 
the  assembly  level  rather  than  at  the  system  level,  it  will  not  eliminate  all  sneak 
circuits  and  should  not  be  considered  as  a  replacement  for  formal  Sneak  Circuit 
Analysis. 

Two  items  of  ancillary  software  are  required  in  order  to  run  SCAT:  OrCAD/SDT 
III  -  (See  schematic  capture  section  7.1.1)  and  M.  1.  -  Expert  System. 

To  obtain  a  copy  of  SCAT  contact: 

RL/RBER 

Attn:  Edward  Depalma 
Griffiss  AFB,  NY  13441-5700 
(315)  330-2231 

For  the  M.  1.  Expert  System  contact: 

Teknowledge  Inc. 

P.O.  Box  10119 
Palo  Alto,  CA  94303 
(415)  424-0500 

7.5  Maintainability  Analysis  Tools 

The  methodology  for  performing  a  maintainability  prediction  is  documented  in 
MIL-HDBK-472.  The  majority  of  the  available  maintainability  prediction  tools, 
however,  implement  only  one  of  the  available  methods  documented  in  the 
handbook  namely;  Procedure  V,  Method  B.  This  method,  nevertheless,  is  the  most 
widely  used  method  and  the  method  most  frequently  specified  in  DoD  contracts. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St..  Rome,  NY  13440  -691  315-337-0900 


106 


CRTA-CE 


It  is  also  important  to  note  that  maintainability  prediction  is  dependent  upon  the 
results  of  the  reliability  prediction  so  it  is  imperative  that  the  reliability  prediction 
tool  and  the  maintainability  prediction  tool  are  compatible. 

Available  automated  maintainability  prediction  tools  include: 

Maintain  by  Item  Software  Ltd,  MGA  Inc. 

Item  Software  Ltd.  MGA  Inc. 

200  Baker  Ave. 

Concord,  MA  01742 
(508)  369-5115 

Maintainability  Prediction  Program  (MPP)  by  Powertronics 

Powertronics  Systems,  Inc. 

P.O.  Box  29019 

New  Orleans,  LA  70189 

(504)  254-0383 

7.6  Mathematical/Graphical  Analysis  Tools 

Once  a  design  concept  has  been  developed,  a  designer  will  develop  and  solve  the 
equations  describing  the  proposed  behavior  of  the  function.  A  variety  of  math 
packages  allow  the  circuit  designer  to  do  this  on  a  personal  computer  using 
relatively  inexpensive  tools. 

In  general,  math  tools  can  be  grouped  into  two  categories,  those  that  encompass 
general  mathematical  software  and  those  that  emphasize  mathematical 
manipulation  of  matrices.  Both  types  can  solve  equations  either  numerically  or 
symbolically  and  display  results  graphically.  General  mathematics  packages  are  well 
suited  for  exploratory  analysis  or  one-of-a-kind  calculations.  However,  where  large 
or  repetitive  calculations  (number  crunching)  is  required  the  matrix-based  variety 
may  be  more  beneficial. 

Many  of  the  available  mathematical /graphical  analysis  tools  can  perform 
complex  mathematical  functions.  Statistical  analysis  packages  are  also  available. 
Extensive  plotting  and  graphing  routines  are  available  with  most  of  these  tools.  The 
transition  to  the  competitive  mass  market  has  compelled  software  vendors  to 
improve  the  user-friendliness  of  their  products.  Modem  tools  require  little  or  no 
programming  by  the  user,  but  usually  offer  features  that  allow  users  to  create 
application  programs  to  meet  their  individual  needs.  For  ease  of  use,  equations  can 
usually  be  typed  in  directly  in  "blackboard"  form. 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


CRTA-CE 


107 


A  extensive  discussion  of  automated  mathematical  and  graphical  tools,  together 
with  a  detailed  description  of  many  of  the  currently  available  packages  may  be  found 
in  References  [7]  and  [8]. 

Some  available  mathematical  and  graphical  tools  include: 

MathCAD  3.0  by  MathSoft  Inc. 

MathSoft,  Inc. 

201  Broadway 
Cambridge,  MA  02139 
(800)  MAT-HCAD 

Mathematica  2.0  by  Wolfram  Research  Inc. 

Wolfram  Research  Inc. 

100  Trade  Center  Drive 
Champaign,  IL  61820-7237 
(217)  398-0700,  FAX  (217)  398-0747 

MAPLE  by  Waterloo  Maple  Software 

Waterloo  Maple  Software 
160  Columbia  St.  W. 

Waterloo,  Ontario,  Canada  N2L  3L3 
(519)  747-2373 
FAX  (519)  747-5284 

7.7  Testability  Analysis  Tools 

Wide  use  of  testability  analysis  tools  has  not  been  prevalent  until  about  the  last  5 
years.  Testability  techniques  and  tools  are  now  widely  accepted  and  have  matured  to 
the  point  where  they  are  currently  being  applied  to  help  meet  testability 
requirements.  Much  of  the  development  effort  was  done  to  address  testability 
problems  in  digital  electronics.  Hence  many  of  the  tools  available  today  are 
applicable  only  to  digital  electronic  technology  at  the  component  or  circuit  card 
level. 

There  are  three  fundamentally  different  approaches  to  the  assessment  and 
analysis  of  testability:  a)  Checklists,  b)  Controllability/Observability  and  c) 
Dependency  Modeling.  Two  of  the  three  techniques,  address  primarily  digital 
systems.  Only  dependency  modeling  can  be  effectively  applied  to  other  system  types 
such  as  analog,  mechanical,  electro-mechanical  and  fluid  or  process  control  systems. 

One  of  these  approaches  (checklists)  is  documented  in  MIL-STD-2165  [Reference 
9].  Most  of  the  currently  available  automated  testability  tools,  however,  are  not 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


108 


CRTA-CE 


based  upon  this  methodology  but  rather  are  based  upon  dependency  modeling.  An 
extensive  list  of  testability  tools  together  with  a  detailed  discussion  of  the  advantages 
and  disadvantages  of  the  various  testability  assessment  and  analysis  methods  may 
be  found  in  Reference  [10].  It  should  be  noted  that  a  number  of  the  automated  tools 
in  Reference  [10]  are  limited  access  i.e.,  they  are  proprietary  in  nature  and  are  limited 
to  government  agencies  only. 

Some  of  the  non-limited-access  dependency-modeling-based  testability  analysis 
tools  available  include; 

STAT  (System  Testability  Analysis  Tool)  by  DETEX  Systems,  Inc. 

DETEX  Systems,  Inc. 

1574  N.  Batavia,  Suite  4 
Orange,  CA  92667 
(714)  637-9325 

STAMP  (System  Testability  and  Maintenance  Program)  by  ARINC 

ARINC  Research  Corporation 
2551  Riva  Road 
Annapolis,  MD  21401 
(301)266-4000 

7.8  Finite  Element  Analysis  Tools 

One  very  important  advantage  of  the  finite  element  analysis  method  is  that  a 
single  model  can  often  be  used  to  perform  both  a  thermal  analysis  and  structural 
analysis.  This  dual  analysis  capability  makes  the  technique  especially  powerful  since 
it  can  dramatically  increase  the  productivity  of  design  engineers.  Some  of  the 
available  software  tools  have  this  dual  function  capability  while  others  are  limited 
to  either  one  function  or  the  other.  Other  factors  being  equal,  the  dual  function 
programs  are  generally  preferred  over  the  single  function  variety. 

Some  available  finite  elements  tools  which  include  dual  function,  thermal  and 
structural  analysis,  capability  are: 

NISA  II  by  Engineering  Mechanics  Research  Corp. 

Engineering  Mechanics  Research  Corp. 

P.  O.  Box  696 
Troy,  MI  48099 
(313)  689-0077 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


CRTA-CE 


109 


ANSYS  by  Swanson  Analysis  Systems,  Inc. 

Swanson  Analysis  Systems,  Inc. 

Johnson  Rd. 

P.  O.  Box  65 
Houston,  PA  15342-006 
(412)  746-3304 

7.9  Automated  Tool  References 

[1]  Caroli,  J.A.,  "A  Survey  of  Reliability,  Maintainability,  Supportability  and 
Testability  Software  Tools,"  RL-TR-91-87 

[2]  MIL-HDBK-251,  "Reliability /Design  Thermal  Applications" 

[3]  Morrison,  G.N.,  et  al.  (Hughes  Aircraft  Company),  "RADC  Thermal  Guide 
for  Reliability  Engineers,"  RADC-TR-82-172 

[4]  Cendes,  Z.  J.,  "Electromagnetic  Simulators,"  IEEE  Spectrum,  Volume  27, 
Number  11,  November  1990 

[51  Swanson  Jr,  D.  G.,  "Simulating  EM  Fields,"  IEEE  Spectrum,  Volume  28, 
Number  11,  November  1991 

[6]  Coit,  D.  W.,  Priore,  M.  G.,  "Impact  of  Nonoperating  Periods  on  Equipment 
Reliability,"  RADC-TR-85-91,  May  1985 

[7]  Foster,  K.  R.,  "Prepackaged  Math,"  IEEE  Spectrum,  Volume  28,  Number  11, 
November  1991 

[8]  Hines,  J.  R.,  "Affordable  Analog  Design,"  IEEE  Spectrum,  Volume  27, 
Number  11,  November  1990 

[9]  Coit,  D.  W.,  Priore,  M.  G.,  "Impact  of  Nonoperating  Periods  on  Equipment 
Reliability,"  RADC-TR-85-91,  May  1985 

[10]  MIL-STD-2165,  "Testability  Program  for  Systems  and  Equipment" 

[11]  Unkle,  R.,  "Testability  Design  and  Assessment  Tools,"  CRTA-TEST, 
Reliability  Analysis  Center,  December  1991 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,Ronrte,  NY  13440  -6916  •  315-337-0900 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


SECTION  8 

SOME  CHALLENGES  FOR  CE 
IN  TODAY'S  AUTOMATION 
ENVIRONMENT 


CRTA-CE 


113 


8.0  SOME  CHALLENGES  FOR  CE  IN  TODAYS  AUTOMATION 
ENVIRONMENT 

8.1  Present  Database  Limitations 

The  lack  of  a  viable  database  is  one  of  the  chief  obstacles  to  the  automation  of  CE 
today.  Supporting  various  groups  of  engineers  working  in  tandem,  demands  a  very 
different  type  of  support  from  a  Database  Management  System  (DBMS)  than  does 
traditional  data  processing.  Traditional  DBMS’s  are  inadequate  for  this  type  of  task. 

An  Object-Oriented  DBMS  rather  than  a  record-oriented  DBMS  is  needed. 
Traditional  hierarchical  or  relational  DBMS  lack  the  power  needed  to  model  the 
types  of  information  generated  through  all  phases  of  product  and  process  design. 
Object-oriented  models  address  the  requirements  and  resulting  physical  structure  of 
a  system  with  objects  (which  combine  data  and  processes).  These  are  based  on 
defining  and  understanding  the  relationships  between  objects.  In  such  a 
relationship,  objects  pass  data  back  and  forth.  To  define  the  relationship,  the  nature 
of  the  data,  rather  than  the  actual  data,  is  examined  to  understand  how  an  object 
uses  the  data. 

At  present  there  are  three  major  database  related  challenges:  1)  Modeling  Data,  2) 
Providing  Interactivity,  and  3)  Supplying  Versioning  and  Configuration  Control. 

8.2  Limitations  of  Today's  Automated  Tools 

The  availability  of  automated  tools  for  all  of  the  various  aspects  of  CE  is  not 
consistent.  While  these  tools  may  be  readily  available  for  some  phases  of  the  design 
effort,  they  may  not  be  available  for  others. 

CONCEPTUAL  DESIGN  PHASE  TOOLS  -  Conceptual  design  involves  the 
decomposition  of  high  level  product  requirements  into  successively  lower  levels  of 
design  detail.  Very  few  automated  tools  of  any  kind  are  presently  available  for  this 
phase  of  the  design  effort.  A  significant  need  exists  for  more  rule-based  expert 
systems,  particularly  for  conceptual  design. 

DESIGN  SYNTHESIS  PHASE  TOOLS  -  Although  somewhat  limited  at  present, 
automated  design  synthesis  tools  are  becoming  more  readily  available  for  this  phase 
of  the  design  effort. 

DESIGN  EVALUATION  PHASE  TOOLS  -  This  phase  is  currently  the  most 
automated.  Most  presently  available  automated  tools  specifically  address  design 
evaluation. 

TOOL  INTEGRATION  -  A  major  need,  at  present,  is  the  integration  of  the 
various  "stand  alone"  automated  tools.  This  implies  the  need  for  a  common 
"Object-Oriented"  database  rather  than  "Record-Oriented"  database  capable  of  "Real 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St.,  Rome,  NY  13440  -6916  •  315-337-0900 


114 


CRTA-CE 


Time"  integration  of  all  of  the  quantifiable  characteristics  of  the  product  design,  its 
associated  manufacturing  process  and  its  fielded  support  needs  plus  the  ability  to 
electronically  transfer  the  applicable  data  from  one  automated  tool  to  another. 

8.3  Challenges  for  CE  References 

[1]  Richter,  Dr.  K.J.,  "Concurrent  Engineering  Some  Definitions  and  Issues,"  '92 
Product  Assurance  Forum,  April  1992 

[2]  Rosenblatt,  A.,  et  al.,  "Concurrent  Engineering,”  IEEE  Spectrum,  Volume  28, 
Number  7,  July  1991 

[3]  Atwood,  T.M.,  "The  Case  for  Object-Oriented  Databases,"  IEEE  Spectrum, 
Volume  28,  Number  2,  February  1991 


Reliability  Analysis  Center  (RAC)  •  201  Mill  St..Ron»e,  NY  13440  -6916  •  315-337-0900 


APPENDIX  A: 
RAC  PRODUCTS 


RAC  Product  Order  Form 


U.S. 

Non-U.& 

MIL-HDBK-217F,  Notice  1  (Microsoft  Word  Version  4.0) 

75.00 

85.00 

MIL-HDBK-338B  (Draft)  (Microsoft  Word  Version  4.0) 

95.00 

105.00 

■1 

Analog  Tasting  Handbook 

100.00 

120.00 

FACE 

Introduction  to  Concurrent  Engineering:  Electronic  Circuit  Design  and 
Production  Applications 

75.00 

85.00 

TA-GAAS 

An  Assessment  of  GaAs  Device  Quality  and  Reliability 

50.00 

60.00 

TA-PEM 

Plastic  Microcircuit  Packages;  A  Technology  Review 

50.00 

60.00 

TA-QML 

Qualified  Manufacturer’s  List;  New  Device  Manufacturing  and  Procurement 
Technique 

50.00 

60.00 

TA-TEST 

Testability  Design  and  Assessment  Tools 

50.00 

60.00 

R-4 

Discrete  Semiconductor  Device  Raliability 

100.00 

120.00 

D-91 

Failure  Mode/Mechanism  Distributions 

100.00 

120.00 

A 

Fault  Tree  Analysis  Application  Guide 

80.00 

90.00 

)R-21 

Microcircuit  Device  Reliability  Trend  Analysis  Databook 

100.00 

120.00 

)R-22 

Miaocircuit  Screening  Analysis 

125.00 

145.00 

•AT-I 

Miaoelectronics  Failure  Analysis  Techniques  -  A  Procedural  Guide 

140.00 

180.00 

■AT-2 

GaAs  Microcircuit  Characterization  &  Failure  Analysis  Techniques 

100.00 

120.00 

■AT-1&2 

Combined  set  of  MFAT-1  and  MFAT-2 

200.00 

260.00 

)NOP-1 

Nonoperating  Reliability  Databook 

150.00 

170.00 

•RD-91 

Nonelectronic  Parts  Reliability  Data  1 991 

150.00 

170.00 

>RD-91P 

Nonelectronic  Parts  Reliability  Data  1 991  (IBM  PC  database) 

400.00 

440.00 

>S-1 

Analysis  Techniques  for  Mechanical  Reliability 

60.00 

70.00 

)IM-92 

A  Primer  for  DoD  Reliability,  Maintainability,  Safety  and  Logistics  Stds 

120.00 

140.00 

WlL-1 

QML  Workshop  Proceedings 

25.00 

35.00 

REF 

RAC  Quick  Reference  Guides 

39.00 

49.00 

\C-NRPS 

Nonoperating  Reliability  Prediction  System  (Includes  NONOP-1) 

1400.00 

1450.00 

iilST-91 

Reliability  and  Maintainability  Software  Tools  1991 

50.00 

60.00 

3 

FIAC  Quarterly  (Annual  Subscription-  4  issues) 

30.00 

35.00 

3AR-2 

Practical  Statistical  Analysis  for  the  Reliability  Enginees 

40.00 

50.00 

3AR-4 

Confidence  Bounds  for  System  Reliability 

50.00 

60.00 

)AR-5 

Surface  Mount  Technology:  A  Reliability  Review 

60.00 

70.00 

3AR-6 

ESD  Control  in  the  Manufacturing  Environment 

60.00 

70.00 

)AR-7 

A  Guide  for  Implementing  Total  Quality  Management 

75.00 

85.00 

)AR-8 

Process  Action  Team  (PAT)  Handbook 

80.00 

90.00 

>RED 

VHSIC  Reliability  Prediction  Software 

150.00 

170.00 

:AP-91 

Electrostatic  Discharge  Susceptibility  Data  1991 

150.00 

170.00 

y\P-91P 

Electrostatic  Discharge  Susceptibility  Data  1991  (IBM  PC  database) 

400.00 

440.00 

IN 

RAC  Newsletter  (Distributed  free  of  charge  each  quarter) 

0.00 

0.00 

IG 

RAC  User  Guide  (Description  of  RAC  consulting  services) 

0.00 

0.00 

SHtPPMG  AND  HANDUNG 

-SEE  BELOW 

OUANTmr  DISCOUNT 

-SEE  BELOW 

Please  Make  Checks  Payable  to  IITRI/RAC 

ORDER  TOTAL 

Namei. 

>mpany 

Division 

Mdress 


Ordaring:  Fax  to  (315)  337-9932  or  mail  to  Raliability  Analyaia  Cantar,  P.O 
Box  4700,  Rom^  NY,  13442-4700.  Prepayment  is  prefen^.  Credit  cards 
(VISA,  AMEX,  MSTR)  are  accepted  for  purchases  of  $25  and  up.  All  Non-U 
orders  must  be  accompanied  by  a  check  drawn  on  a  US  bank. 

Shipping  ft  handling:  U.S  orders  add  $2.00  per  book,  $3.00  for  First  Class 
Non-US  add  $4.(X>  per  book  for  surface  mail,  $15.00  per  book  for  air  mail. 


City 

State 

Country 

Phone 


Zip. 


QuantlM  diacounta  are  available  for  lO-i-  copies.  To  order  call  800-526-480 
315-339-7047  or  write  to  above  address. 

Military  aganclaa:  Blanket  Purchase  Agreement,  DO  Form  1155,  may  be  ut 
for  ordering  RAC  products  aruf  services.  Indicate  the  maximum  amount 
authorized  and  cutoff  date  and  specify  products  and  services  to  be  provided 
Identify  vendor  as  IIT  Researcn  Institute/Reliabillty  Aitalysis  Canter, 


Ext 


